Hello all. We are currently running a Windows Server 2003 ADDC as a virtual machine on a Windows Server 2012 host using Hyper-V. We have recently added a second Windows Server 2012 ADDC also as a Hyper-V VM. I promoted the 2k12 to a DC, transferred all FMOS roles, and tested AD replication. All AD data was replicated fine. However a DCDIAG (the results of which I have attached to this post) show a few errors.
First off, it is failing the advertising test. This is more than likely due to a DNS error. Unfortunately, I can not seem to find the error within the DNS to resolve it.
Secondly, it is failing the KccEvent test; also seeming as a DNS related error.
Thirdly, both SYSVOL and NETLOGON shares were not successfully replicated. This is likely the basis for the other issues. Without these successfully replicated, I can not demote the 2K3 server; which is the goal in the end, to replace the old server with the new.
I am willing to try just about anything, so any suggestions would be greatly appreciated. As for what I have tried, I have tried a non-authoritative restore using burr flags with no success. I CAN ping both DCs from each other ensuring connectivity. All users can currently log on to the server (due to the fact that the 2K3 server is still running and still holds the SYSVOL and NETLOGON shares).
Once again, any help would be greatly appreciated! Thank you in advance!
DCDIAG Output:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = RETIRED2012
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site\RETIRED2012
Starting test: Connectivity
......................... RETIRED2012 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site\RETIRED2012
Starting test: Advertising
Warning: DsGetDcName returned information for
\\retired1.RetireFirst.local, when we were trying to reach
RETIRED2012.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... RETIRED2012 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... RETIRED2012 passed test FrsEvent
Starting test: DFSREvent
......................... RETIRED2012 passed test DFSREvent
Starting test: SysVolCheck
......................... RETIRED2012 passed test SysVolCheck
Starting test: KccEvent
An error event occurred. EventID: 0xC0000827
Time Generated: 08/09/2013 22:08:34
Event String:
Active Directory Domain Services could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory Domain Services from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
A warning event occurred. EventID: 0x80000677
Time Generated: 08/09/2013 22:10:02
Event String:
Active Directory Domain Services attempted to communicate with the following global catalog and the attempts were unsuccessful.
An error event occurred. EventID: 0xC0000466
Time Generated: 08/09/2013 22:10:06
Event String:
Active Directory Domain Services was unable to establish a connection with the global catalog.
......................... RETIRED2012 failed test KccEvent
Starting test: KnowsOfRoleHolders
......................... RETIRED2012 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... RETIRED2012 passed test MachineAccount
Starting test: NCSecDesc
......................... RETIRED2012 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\RETIRED2012\netlogon)
[RETIRED2012] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... RETIRED2012 failed test NetLogons
Starting test: ObjectsReplicated
......................... RETIRED2012 passed test ObjectsReplicated
Starting test: Replications
......................... RETIRED2012 passed test Replications
Starting test: RidManager
......................... RETIRED2012 passed test RidManager
Starting test: Services
......................... RETIRED2012 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x00001695
Time Generated: 08/09/2013 22:06:48
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:06:49
Event String:
Name resolution for the name _ldap._tcp.Default-First-Site._sites.dc._msdcs.RetireFirst.local. timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x00001696
Time Generated: 08/09/2013 22:07:44
Event String:
Dynamic registration or deregistration of one or more DNS records failed with the following error:
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:07:51
Event String:
Name resolution for the name retired1.RetireFirst.local timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x00001695
Time Generated: 08/09/2013 22:08:23
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
A warning event occurred. EventID: 0x00001695
Time Generated: 08/09/2013 22:08:35
Event String:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
An error event occurred. EventID: 0x0000041E
Time Generated: 08/09/2013 22:08:45
Event String:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
An error event occurred. EventID: 0x00000423
Time Generated: 08/09/2013 22:08:53
Event String:
The DHCP service failed to see a directory server for authorization.
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:10:04
Event String:
Name resolution for the name isatap timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:10:08
Event String:
Name resolution for the name e45ad288-70ff-4d9e-adf9-3035e459e126._msdcs.RetireFirst.local timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000003F6
Time Generated: 08/09/2013 22:10:21
Event String:
Name resolution for the name _ldap._tcp.Default-First-Site._sites.dc._msdcs.RetireFirst.local. timed out after none of the configured DNS servers responded.
An error event occurred. EventID: 0x00000423
Time Generated: 08/09/2013 22:11:14
Event String:
The DHCP service failed to see a directory server for authorization.
An error event occurred. EventID: 0x0000041E
Time Generated: 08/09/2013 22:13:45
Event String:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
......................... RETIRED2012 failed test SystemLog
Starting test: VerifyReferences
......................... RETIRED2012 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : RetireFirst
Starting test: CheckSDRefDom
......................... RetireFirst passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... RetireFirst passed test CrossRefValidation
Running enterprise tests on : RetireFirst.local
Starting test: LocatorCheck
......................... RetireFirst.local passed test LocatorCheck
Starting test: Intersite
......................... RetireFirst.local passed test Intersite