Cut long story short: I couldn´t unpromote and remove one of my DCs (DC0), and I did a force remove with GUI. All DCs are Server 2012 based. Other DC, DC6 holds all fsmo roles. After force removal of DC0, almost all services of AD is not working. Open almost
any mmc console will give "Naming information cannot be located because the specified domain either does not exist or could not be contacted". This is also seeing on the DC6 which holds all FSMO roles. In DNS I see PDC pointed to DC6, but still DC6
wines in dcdiag (I´m only pasting failures on DC6)
Doing primary tests
Testing server: Default-First-Site-Name\DC6
Starting test: Advertising
Fatal Error:DsGetDcName (DC6) call failed, error 1355
The Locator could not find the server.
......................... DC6 failed test Advertising
Starting test: FrsEvent
......................... DC6 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DC6 failed test DFSREvent
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\DC6\netlogon)
[DC6] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... DC6 failed test NetLogons
Starting test: ObjectsReplicated
......................... DC6 passed test ObjectsReplicated
Starting test: Replications
[Replications Check,DC6] A recent replication attempt failed:
From DC0 to DC6
Naming Context: DC=DomainDnsZones,DC=labs,DC=dom
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2013-09-05 15:59:02.
The last success occurred at 2013-09-05 11:00:40.
6 failures have occurred since the last success.
[DC0] DsBindWithSpnEx() failed with error 5,
Access is denied..
[Replications Check,DC6] A recent replication attempt failed:
From DC0 to DC6
Naming Context: DC=ForestDnsZones,DC=labs,DC=dom
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2013-09-05 15:59:02.
The last success occurred at 2013-09-05 10:57:39.
6 failures have occurred since the last success.
[Replications Check,DC6] A recent replication attempt failed:
From DC0 to DC6
Naming Context: CN=Schema,CN=Configuration,DC=labs,DC=dom
The replication generated an error (5):
Access is denied.
The failure occurred at 2013-09-05 15:59:02.
The last success occurred at 2013-09-05 10:58:09.
6 failures have occurred since the last success.
[Replications Check,DC6] A recent replication attempt failed:
From DC0 to DC6
Naming Context: CN=Configuration,DC=labs,DC=dom
The replication generated an error (5):
Access is denied.
The failure occurred at 2013-09-05 15:59:02.
The last success occurred at 2013-09-05 11:00:47.
6 failures have occurred since the last success.
[Replications Check,DC6] A recent replication attempt failed:
From DC0 to DC6
Naming Context: DC=labs,DC=dom
The replication generated an error (5):
Access is denied.
The failure occurred at 2013-09-05 15:59:02.
The last success occurred at 2013-09-05 11:08:56.
6 failures have occurred since the last success.
......................... DC6 failed test Replications
Starting test: SystemLog
An error event occurred. EventID: 0xC00038D6
Time Generated: 09/05/2013 16:20:17
Event String:
The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
An error event occurred. EventID: 0x000007D1
Time Generated: 09/05/2013 16:24:06
Event String:
Microsoft Antimalware has encountered an error trying to update sign
atures.
A warning event occurred. EventID: 0x00001796
Time Generated: 09/05/2013 16:32:59
Event String:
Microsoft Windows Server has detected that NTLM authentication is pr
esently being used between clients and this server. This event occurs once per b
oot of the server on the first time a client uses NTLM with this server.
An error event occurred. EventID: 0x00000457
Time Generated: 09/05/2013 16:33:30
The attempt by user LABS\admin to restart/shutdown computer DC6 fail
ed
......................... DC6 failed test SystemLog
Running enterprise tests on : labs.dom
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... labs.dom failed test LocatorCheck
Starting test: Intersite
......................... labs.dom passed test Intersite
I remember I had a case many years ago with W2003 DCs, that DC was unseccussfully removed, and Domain services stoped working, so I had to remove some CN names of old DC with ndisutil.