So I'm trying to understand if we have an issue here or not…
We have a PowerShell script that uses the Get-ADPrincipalGroupMembership cmdlet.
One of our domain controllers was offline temporarily and the script suddenly started to fail with an error stating, "The server is not operational." When the domain controller came back online the script suddenly worked again.
From what I can tell, the Get-ADPrincipalGroupMembership cmdlet requires a global catalog to perform the group search, so I presume the domain controller in question was somehow the global catalog server of choice for the server running the script. However, I'm confused as to why the server would not simply try to locate another global catalog server in the site (of which there are two).
If I run Get-ADForest, I can see all the global catalog servers listed correctly. The DC in question has held FSMO roles in the past, but does not any longer.
So the question is, does the above behavior indicate some kind of issue? I wouldn't expect the loss of a single domain controller in a site with multiple domain controllers to cause this issue.