I'm currently having trouble promoting a server to a domain controller ( windows server 2016 ). I have 2 segment, 1 is 10.101.16.0/24 and the other is 10.101.17.0/24
The domain is on the 16.0 segment, the server that i want to join is on the 17.0 segment. been trying off and on for a week or so to resolve this issue. Any help would be appreciated. Thanks
I perform NSlookup and it can resolve the name.
I did a portqry from the 17 segment to the domain server on 16 segment. the log is below.
=============================================Starting portqry.exe -n 10.101.16.25 -e 135 -p TCP ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 135 (epmap service): LISTENING
Using ephemeral source port
Querying Endpoint Mapper Database...
Server's response:
UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d
ncacn_ip_tcp:10.101.16.25[49664]
UUID: 6b5bdd1e-528c-422c-af8c-a4079be4fe48 Remote Fw APIs
ncacn_ip_tcp:10.101.16.25[49669]
UUID: 897e2e5f-93f3-4376-9c9c-fd2277495c27 Frs2 Service
ncacn_ip_tcp:10.101.16.25[58819]
UUID: 50abc2a4-574d-40b3-9d66-ee4fd5fba076
ncacn_ip_tcp:10.101.16.25[49694]
UUID: 367abb81-9844-35f1-ad32-98f038001003
ncacn_ip_tcp:10.101.16.25[49680]
UUID: 12345678-1234-abcd-ef00-0123456789ab
ncacn_ip_tcp:10.101.16.25[49673]
UUID: 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
ncacn_ip_tcp:10.101.16.25[49673]
UUID: ae33069b-a2a8-46ee-a235-ddfd339be281
ncacn_ip_tcp:10.101.16.25[49673]
UUID: 4a452661-8290-4b36-8fbe-7f4093a94978
ncacn_ip_tcp:10.101.16.25[49673]
UUID: 76f03f96-cdfd-44fc-a22c-64950a001209
ncacn_ip_tcp:10.101.16.25[49673]
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
ncacn_ip_tcp:10.101.16.25[49667]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_ip_tcp:10.101.16.25[49667]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_http:10.101.16.25[49670]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: 12345778-1234-abcd-ef00-0123456789ab
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: 12345778-1234-abcd-ef00-0123456789ab
ncacn_ip_tcp:10.101.16.25[49667]
UUID: 12345778-1234-abcd-ef00-0123456789ab
ncacn_http:10.101.16.25[49670]
UUID: 12345778-1234-abcd-ef00-0123456789ab
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: 12345778-1234-abcd-ef00-0123456789ac
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: 12345778-1234-abcd-ef00-0123456789ac
ncacn_ip_tcp:10.101.16.25[49667]
UUID: 12345778-1234-abcd-ef00-0123456789ac
ncacn_http:10.101.16.25[49670]
UUID: 12345778-1234-abcd-ef00-0123456789ac
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: 12345778-1234-abcd-ef00-0123456789ac
ncacn_ip_tcp:10.101.16.25[49671]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_ip_tcp:10.101.16.25[49667]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_http:10.101.16.25[49670]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_ip_tcp:10.101.16.25[49671]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_ip_tcp:10.101.16.25[49667]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_http:10.101.16.25[49670]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
ncacn_ip_tcp:10.101.16.25[49671]
UUID: 12345678-1234-abcd-ef00-01234567cffb
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: 12345678-1234-abcd-ef00-01234567cffb
ncacn_ip_tcp:10.101.16.25[49667]
UUID: 12345678-1234-abcd-ef00-01234567cffb
ncacn_http:10.101.16.25[49670]
UUID: 12345678-1234-abcd-ef00-01234567cffb
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: 12345678-1234-abcd-ef00-01234567cffb
ncacn_ip_tcp:10.101.16.25[49671]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_ip_tcp:10.101.16.25[49667]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_http:10.101.16.25[49670]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
ncacn_ip_tcp:10.101.16.25[49671]
UUID: 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b Ngc Pop Key Service
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b Ngc Pop Key Service
ncacn_ip_tcp:10.101.16.25[49667]
UUID: 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b Ngc Pop Key Service
ncacn_http:10.101.16.25[49670]
UUID: 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b Ngc Pop Key Service
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b Ngc Pop Key Service
ncacn_ip_tcp:10.101.16.25[49671]
UUID: 51a227ae-825b-41f2-b4a9-1ac9557a1018 Ngc Pop Key Service
ncacn_np:10.101.16.25[\\pipe\\lsass]
UUID: 51a227ae-825b-41f2-b4a9-1ac9557a1018 Ngc Pop Key Service
ncacn_ip_tcp:10.101.16.25[49667]
UUID: 51a227ae-825b-41f2-b4a9-1ac9557a1018 Ngc Pop Key Service
ncacn_http:10.101.16.25[49670]
UUID: 51a227ae-825b-41f2-b4a9-1ac9557a1018 Ngc Pop Key Service
ncacn_np:10.101.16.25[\\pipe\\30d20c5f53e1858a]
UUID: 51a227ae-825b-41f2-b4a9-1ac9557a1018 Ngc Pop Key Service
ncacn_ip_tcp:10.101.16.25[49671]
UUID: 7f1343fe-50a9-4927-a778-0c5859517bac DfsDs service
ncacn_np:10.101.16.25[\\PIPE\\wkssvc]
UUID: 1ff70682-0a51-30e8-076d-740be8cee98b
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 1ff70682-0a51-30e8-076d-740be8cee98b
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 29770a8f-829b-4158-90a2-78cd488501f7
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 29770a8f-829b-4158-90a2-78cd488501f7
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 29770a8f-829b-4158-90a2-78cd488501f7
ncacn_ip_tcp:10.101.16.25[49666]
UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 33d84484-3626-47ee-8c6f-e7e98b113be1
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 33d84484-3626-47ee-8c6f-e7e98b113be1
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 33d84484-3626-47ee-8c6f-e7e98b113be1
ncacn_ip_tcp:10.101.16.25[49666]
UUID: 86d35949-83c9-4044-b424-db363231fd0c
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 86d35949-83c9-4044-b424-db363231fd0c
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 86d35949-83c9-4044-b424-db363231fd0c
ncacn_ip_tcp:10.101.16.25[49666]
UUID: 3a9ef155-691d-4449-8d05-09ad57031823
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 3a9ef155-691d-4449-8d05-09ad57031823
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 3a9ef155-691d-4449-8d05-09ad57031823
ncacn_ip_tcp:10.101.16.25[49666]
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
ncacn_ip_tcp:10.101.16.25[49666]
UUID: 2e6035b2-e8f1-41a7-a044-656b439c4c34 Proxy Manager provider server endpoint
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 2e6035b2-e8f1-41a7-a044-656b439c4c34 Proxy Manager provider server endpoint
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 2e6035b2-e8f1-41a7-a044-656b439c4c34 Proxy Manager provider server endpoint
ncacn_ip_tcp:10.101.16.25[49666]
UUID: c36be077-e14b-4fe9-8abc-e856ef4f048b Proxy Manager client server endpoint
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: c36be077-e14b-4fe9-8abc-e856ef4f048b Proxy Manager client server endpoint
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: c36be077-e14b-4fe9-8abc-e856ef4f048b Proxy Manager client server endpoint
ncacn_ip_tcp:10.101.16.25[49666]
UUID: c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 Adh APIs
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 Adh APIs
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 Adh APIs
ncacn_ip_tcp:10.101.16.25[49666]
UUID: b18fbab6-56f8-4702-84e0-41053293a869 UserMgrCli
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: b18fbab6-56f8-4702-84e0-41053293a869 UserMgrCli
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: b18fbab6-56f8-4702-84e0-41053293a869 UserMgrCli
ncacn_ip_tcp:10.101.16.25[49666]
UUID: 0d3c7f20-1c8d-4654-a1b3-51563b298bda UserMgrCli
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: 0d3c7f20-1c8d-4654-a1b3-51563b298bda UserMgrCli
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: 0d3c7f20-1c8d-4654-a1b3-51563b298bda UserMgrCli
ncacn_ip_tcp:10.101.16.25[49666]
UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
ncacn_ip_tcp:10.101.16.25[49666]
UUID: d09bdeb5-6171-4a34-bfe2-06fa82652568
ncacn_np:10.101.16.25[\\pipe\\SessEnvPublicRpc]
UUID: d09bdeb5-6171-4a34-bfe2-06fa82652568
ncacn_np:10.101.16.25[\\PIPE\\atsvc]
UUID: d09bdeb5-6171-4a34-bfe2-06fa82652568
ncacn_ip_tcp:10.101.16.25[49666]
UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
ncacn_np:10.101.16.25[\\pipe\\eventlog]
UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
ncacn_ip_tcp:10.101.16.25[49665]
UUID: d09bdeb5-6171-4a34-bfe2-06fa82652568
ncacn_np:10.101.16.25[\\pipe\\eventlog]
UUID: d09bdeb5-6171-4a34-bfe2-06fa82652568
ncacn_ip_tcp:10.101.16.25[49665]
UUID: a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
ncacn_np:10.101.16.25[\\pipe\\eventlog]
UUID: a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
ncacn_ip_tcp:10.101.16.25[49665]
UUID: 2d98a740-581d-41b9-aa0d-a88b9d5ce938
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 2c7fd9ce-e706-4b40-b412-953107ef9bb0
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: c521facf-09a9-42c5-b155-72388595cbf0
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 1832bcf6-cab8-41d4-85d2-c9410764f75a
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 4dace966-a243-4450-ae3f-9b7bcb5315b8
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 55e6b932-1979-45d6-90c5-7f6270724112
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 76c217bc-c8b4-4201-a745-373ad9032b1a
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 88abcbc3-34ea-76ae-8215-767520655a23
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 2513bcbe-6cd4-4348-855e-7efb3c336dd3
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 20c40295-8dba-48e6-aebf-3e78ef3bb144
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: b8cadbaf-e84b-46b9-84f2-6f71c03f9e55
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: d09bdeb5-6171-4a34-bfe2-06fa82652568
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 697dcda9-3ba9-4eb2-9247-e11f1901b0d2
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: d09bdeb5-6171-4a34-bfe2-06fa82652568
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 9b008953-f195-4bf9-bde0-4471971e58ed
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: fc48cd89-98d6-4628-9839-86f7a3e4161a
ncacn_np:10.101.16.25[\\pipe\\LSM_API_service]
UUID: 76f226c3-ec14-4325-8a99-6a46348418af
ncacn_np:10.101.16.25[\\PIPE\\InitShutdown]
UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d
ncacn_np:10.101.16.25[\\PIPE\\InitShutdown]
Total endpoints found: 125
==== End of RPC Endpoint Mapper query response ====
portqry.exe -n 10.101.16.25 -e 135 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 389 -p BOTH ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 389 (ldap service): LISTENING
Using ephemeral source port
Sending LDAP query to TCP port 389...
LDAP query response:
currentdate: 02/20/2019 16:42:05 (unadjusted GMT)
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=EFPL,DC=Local
dsServiceName: CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
namingContexts: DC=EFPL,DC=Local
defaultNamingContext: DC=EFPL,DC=Local
schemaNamingContext: CN=Schema,CN=Configuration,DC=EFPL,DC=Local
configurationNamingContext: CN=Configuration,DC=EFPL,DC=Local
rootDomainNamingContext: DC=EFPL,DC=Local
supportedControl: 1.2.840.113556.1.4.319
supportedLDAPVersion: 3
supportedLDAPPolicies: MaxPoolThreads
highestCommittedUSN: 20801
supportedSASLMechanisms: GSSAPI
dnsHostName: EPL-M-DC1.EFPL.Local
ldapServiceName: EFPL.Local:epl-m-dc1$@EFPL.LOCAL
serverName: CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
supportedCapabilities: 1.2.840.113556.1.4.800
isSynchronized: TRUE
isGlobalCatalogReady: TRUE
domainFunctionality: 7
forestFunctionality: 7
domainControllerFunctionality: 7
======== End of LDAP query response ========
UDP port 389 (unknown service): LISTENING or FILTERED
Using ephemeral source port
Sending LDAP query to UDP port 389...
LDAP query response:
currentdate: 02/20/2019 16:42:09 (unadjusted GMT)
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=EFPL,DC=Local
dsServiceName: CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
namingContexts: DC=EFPL,DC=Local
defaultNamingContext: DC=EFPL,DC=Local
schemaNamingContext: CN=Schema,CN=Configuration,DC=EFPL,DC=Local
configurationNamingContext: CN=Configuration,DC=EFPL,DC=Local
rootDomainNamingContext: DC=EFPL,DC=Local
supportedControl: 1.2.840.113556.1.4.319
supportedLDAPVersion: 3
supportedLDAPPolicies: MaxPoolThreads
highestCommittedUSN: 20801
supportedSASLMechanisms: GSSAPI
dnsHostName: EPL-M-DC1.EFPL.Local
ldapServiceName: EFPL.Local:epl-m-dc1$@EFPL.LOCAL
serverName: CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
supportedCapabilities: 1.2.840.113556.1.4.800
isSynchronized: TRUE
isGlobalCatalogReady: TRUE
domainFunctionality: 7
forestFunctionality: 7
domainControllerFunctionality: 7
======== End of LDAP query response ========
UDP port 389 is LISTENING
portqry.exe -n 10.101.16.25 -e 389 -p BOTH exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 636 -p TCP ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 636 (ldaps service): LISTENING
portqry.exe -n 10.101.16.25 -e 636 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 3268 -p TCP ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 3268 (msft-gc service): LISTENING
Using ephemeral source port
Sending LDAP query to TCP port 3268...
LDAP query response:
currentdate: 02/20/2019 16:42:09 (unadjusted GMT)
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=EFPL,DC=Local
dsServiceName: CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
namingContexts: DC=EFPL,DC=Local
defaultNamingContext: DC=EFPL,DC=Local
schemaNamingContext: CN=Schema,CN=Configuration,DC=EFPL,DC=Local
configurationNamingContext: CN=Configuration,DC=EFPL,DC=Local
rootDomainNamingContext: DC=EFPL,DC=Local
supportedControl: 1.2.840.113556.1.4.319
supportedLDAPVersion: 3
supportedLDAPPolicies: MaxPoolThreads
highestCommittedUSN: 20802
supportedSASLMechanisms: GSSAPI
dnsHostName: EPL-M-DC1.EFPL.Local
ldapServiceName: EFPL.Local:epl-m-dc1$@EFPL.LOCAL
serverName: CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
supportedCapabilities: 1.2.840.113556.1.4.800
isSynchronized: TRUE
isGlobalCatalogReady: TRUE
domainFunctionality: 7
forestFunctionality: 7
domainControllerFunctionality: 7
======== End of LDAP query response ========
portqry.exe -n 10.101.16.25 -e 3268 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 3269 -p TCP ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 3269 (msft-gc-ssl service): LISTENING
portqry.exe -n 10.101.16.25 -e 3269 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 53 -p BOTH ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 53 (domain service): LISTENING
UDP port 53 (domain service): LISTENING or FILTERED
Sending DNS query to UDP port 53...
UDP port 53 is LISTENING
portqry.exe -n 10.101.16.25 -e 53 -p BOTH exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 88 -p BOTH ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 88 (kerberos service): LISTENING
UDP port 88 (kerberos service): LISTENING or FILTERED
portqry.exe -n 10.101.16.25 -e 88 -p BOTH exits with return code 0x00000002.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 445 -p TCP ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 445 (microsoft-ds service): LISTENING
portqry.exe -n 10.101.16.25 -e 445 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 137 -p UDP ...
portqry.exe -n 10.101.16.25 -e 137 -p UDP exits with return code 0x80000003.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 138 -p UDP ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
UDP port 138 (netbios-dgm service): LISTENING or FILTERED
portqry.exe -n 10.101.16.25 -e 138 -p UDP exits with return code 0x00000002.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 139 -p TCP ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 139 (netbios-ssn service): LISTENING
portqry.exe -n 10.101.16.25 -e 139 -p TCP exits with return code 0x00000000.
=============================================
Starting portqry.exe -n 10.101.16.25 -e 42 -p TCP ...
Querying target system called:
10.101.16.25
Attempting to resolve IP address to a name...
IP address resolved to EPL-M-DC1.EFPL.Local
querying...
TCP port 42 (nameserver service): NOT LISTENING
portqry.exe -n 10.101.16.25 -e 42 -p TCP exits with return code 0x00000001.
Below is the Dcdiag log
C:\Windows\system32>dcdiag /v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine EPL-M-DC1, is a Directory Server.
Home Server = EPL-M-DC1
* Connecting to directory service on server EPL-M-DC1.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=EFPL,DC=Local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=EFPL,DC=Local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\EPL-M-DC1
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... EPL-M-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\EPL-M-DC1
Starting test: Advertising
The DC EPL-M-DC1 is advertising itself as a DC and having a DS.
The DC EPL-M-DC1 is advertising as an LDAP server
The DC EPL-M-DC1 is advertising as having a writeable directory
The DC EPL-M-DC1 is advertising as a Key Distribution Center
The DC EPL-M-DC1 is advertising as a time server
The DS EPL-M-DC1 is advertising as a GC.
......................... EPL-M-DC1 passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... EPL-M-DC1 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication
problems may cause Group Policy problems.
An error event occurred. EventID: 0xC00004B2
Time Generated: 02/19/2019 16:09:15
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur
in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 1355 (The specified domain either does not exist or could not be contacted.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 02/19/2019 16:19:04
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur
in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
A warning event occurred. EventID: 0x80001780
Time Generated: 02/19/2019 16:24:04
Event String:
The DFS Replication service failed to update configuration in Active Directory Domain Services. The service will retry this operation periodically.
Additional Information:
Object Category: msDFSR-LocalSettings
Object DN: CN=DFSR-LocalSettings,CN=EPL-M-DC1,OU=Domain Controllers,DC=EFPL,DC=Local
Error: 1355 (The specified domain either does not exist or could not be contacted.)
Domain Controller:
Polling Cycle: 60
An error event occurred. EventID: 0xC00004B2
Time Generated: 02/19/2019 16:30:44
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur
in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 02/19/2019 16:57:04
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur
in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
......................... EPL-M-DC1 failed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... EPL-M-DC1 passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... EPL-M-DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
Role Domain Owner = CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
Role PDC Owner = CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
Role Rid Owner = CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local
......................... EPL-M-DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC EPL-M-DC1 on DC EPL-M-DC1.
* SPN found :LDAP/EPL-M-DC1.EFPL.Local/EFPL.Local
* SPN found :LDAP/EPL-M-DC1.EFPL.Local
* SPN found :LDAP/EPL-M-DC1
* SPN found :LDAP/EPL-M-DC1.EFPL.Local/EFPL
* SPN found :LDAP/f21cb588-d8e5-4a64-9b86-d4ec8478e3d5._msdcs.EFPL.Local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/f21cb588-d8e5-4a64-9b86-d4ec8478e3d5/EFPL.Local
* SPN found :HOST/EPL-M-DC1.EFPL.Local/EFPL.Local
* SPN found :HOST/EPL-M-DC1.EFPL.Local
* SPN found :HOST/EPL-M-DC1
* SPN found :HOST/EPL-M-DC1.EFPL.Local/EFPL
* SPN found :GC/EPL-M-DC1.EFPL.Local/EFPL.Local
......................... EPL-M-DC1 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC EPL-M-DC1.
* Security Permissions Check for
DC=DomainDnsZones,DC=EFPL,DC=Local
(NDNC,Version 3)
* Security Permissions Check for
DC=ForestDnsZones,DC=EFPL,DC=Local
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=EFPL,DC=Local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=EFPL,DC=Local
(Configuration,Version 3)
* Security Permissions Check for
DC=EFPL,DC=Local
(Domain,Version 3)
......................... EPL-M-DC1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\EPL-M-DC1\netlogon
Verified share \\EPL-M-DC1\sysvol
......................... EPL-M-DC1 passed test NetLogons
Starting test: ObjectsReplicated
EPL-M-DC1 is in domain DC=EFPL,DC=Local
Checking for CN=EPL-M-DC1,OU=Domain Controllers,DC=EFPL,DC=Local in domain DC=EFPL,DC=Local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local in domain CN=Configuration,DC=EFPL,DC=Local on 1 servers
Object is up-to-date on all servers.
......................... EPL-M-DC1 passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
......................... EPL-M-DC1 passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 1600 to 1073741823
* EPL-M-DC1.EFPL.Local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1100 to 1599
* rIDPreviousAllocationPool is 1100 to 1599
* rIDNextRID: 1103
......................... EPL-M-DC1 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... EPL-M-DC1 passed test Services
Starting test: SystemLog
* The System Event log test
A warning event occurred. EventID: 0x0000002F
Time Generated: 02/20/2019 10:56:59
Event String:
Time Provider NtpClient: No valid response has been received from manually configured peer pool.ntp.org after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover
a new peer with this DNS name. The error was: The peer is unreachable.
Found no errors in "System" Event log in the last 60 minutes.
......................... EPL-M-DC1 passed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference) CN=EPL-M-DC1,OU=Domain Controllers,DC=EFPL,DC=Local and backlink on
CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local are correct.
The system object reference (serverReferenceBL)
CN=EPL-M-DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=EFPL,DC=Local and backlink on
CN=NTDS Settings,CN=EPL-M-DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=EFPL,DC=Local are correct.
The system object reference (msDFSR-ComputerReferenceBL)
CN=EPL-M-DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=EFPL,DC=Local and backlink on
CN=EPL-M-DC1,OU=Domain Controllers,DC=EFPL,DC=Local are correct.
......................... EPL-M-DC1 passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : EFPL
Starting test: CheckSDRefDom
......................... EFPL passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... EFPL passed test CrossRefValidation
Running enterprise tests on : EFPL.Local
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\EPL-M-DC1.EFPL.Local
Locator Flags: 0xe001f1fd
PDC Name: \\EPL-M-DC1.EFPL.Local
Locator Flags: 0xe001f1fd
Time Server Name: \\EPL-M-DC1.EFPL.Local
Locator Flags: 0xe001f1fd
Preferred Time Server Name: \\EPL-M-DC1.EFPL.Local
Locator Flags: 0xe001f1fd
KDC Name: \\EPL-M-DC1.EFPL.Local
Locator Flags: 0xe001f1fd
......................... EFPL.Local passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided.
......................... EFPL.Local passed test Intersite
Below is the DCPromo Log
02/20/2019 11:31:56 [INFO] Promotion request for replica domain controller
02/20/2019 11:31:56 [INFO] DnsDomainName EFPL.Local
02/20/2019 11:31:56 [INFO] ReplicaPartner EPL-M-DC1.EFPL.Local
02/20/2019 11:31:56 [INFO] SiteName Default-First-Site-Name
02/20/2019 11:31:56 [INFO] DsDatabasePath C:\Windows\NTDS, DsLogPath C:\Windows\NTDS
02/20/2019 11:31:56 [INFO] SystemVolumeRootPath C:\Windows\SYSVOL
02/20/2019 11:31:56 [INFO] Account efpl.local\administrator
02/20/2019 11:31:56 [INFO] Options 1179840
02/20/2019 11:31:56 [INFO] Validate supplied paths
02/20/2019 11:31:56 [INFO] Validating path C:\Windows\NTDS.
02/20/2019 11:31:56 [INFO] Path is a directory
02/20/2019 11:31:56 [INFO] Path is on a fixed disk drive.
02/20/2019 11:31:56 [INFO] Validating path C:\Windows\NTDS.
02/20/2019 11:31:56 [INFO] Path is a directory
02/20/2019 11:31:56 [INFO] Path is on a fixed disk drive.
02/20/2019 11:31:56 [INFO] Validating path C:\Windows\SYSVOL.
02/20/2019 11:31:56 [INFO] Path is on a fixed disk drive.
02/20/2019 11:31:56 [INFO] Path is on an NTFS volume
02/20/2019 11:31:56 [INFO] Start the worker task
02/20/2019 11:31:56 [INFO] Request for promotion returning 0
02/20/2019 11:31:56 [INFO] Forcing time sync
02/20/2019 11:31:56 [INFO] Forcing a time sync with EPL-M-DC1.EFPL.Local
02/20/2019 11:31:56 [INFO] Searching for a domain controller for the domain EFPL.Local that contains the account EPL-N-DC1$
02/20/2019 11:31:56 [ERROR] Failed to find a DC for domain EFPL.Local: 5
02/20/2019 11:31:56 [ERROR] Failed to get domain controller for account EPL-N-DC1$ (5)
02/20/2019 11:31:56 [INFO] Error - A domain controller could not be contacted for the domain EFPL.Local that contained an account for this computer. Make the computer a member of a workgroup then rejoin the domain before retrying the promotion.
(5)
02/20/2019 11:31:56 [INFO] The attempted domain controller operation has completed
02/20/2019 11:31:56 [INFO] Updating service status to 4
02/20/2019 11:31:56 [INFO] DsRolepSetOperationDone returned 0
Below is the log from dcpromoui
dcpromoui 1270.1208 23C8 11:31:57.610 posting message to progress window
dcpromoui 1270.10A8 23C9 11:31:57.611 Enter State::GetOperationResultsCode FAILURE
dcpromoui 1270.10A8 23CA 11:31:57.611 OPERATION FAILED
dcpromoui 1270.10A8 23CB 11:31:57.611 Enter State::GetOperationResultsCode FAILURE
dcpromoui 1270.10A8 23CC 11:31:57.611 Enter State::GetUserCancelled false
dcpromoui 1270.10A8 23CD 11:31:57.611 Enter State::IsOperationRetryAllowed
dcpromoui 1270.10A8 23CE 11:31:57.611 true
dcpromoui 1270.10A8 23CF 11:31:57.611 Info:
dcpromoui 1270.10A8 23D0 11:31:57.611 performed state 28, next state 29
dcpromoui 1270.10A8 23D1 11:31:57.611 Enter FailedFunct
dcpromoui 1270.10A8 23D2 11:31:57.611 Enter State::GetOperationResultsCode FAILURE
dcpromoui 1270.10A8 23D3 11:31:57.611 FAILURE
dcpromoui 1270.10A8 23D4 11:31:57.611 performed state 29, next state 30
dcpromoui 1270.10A8 23D5 11:31:57.611 Enter FinishFunct
dcpromoui 1270.10A8 23D6 11:31:57.611 Enter State::GetFailureMessage The operation failed because:
A domain controller could not be contacted for the domain EFPL.Local that contained an account for this computer. Make the computer a member of a workgroup then rejoin the domain before retrying the promotion.
"Access is denied."
dcpromoui 1270.10A8 23D7 11:31:57.611 Error: The operation failed because: