none
2012 R2 standard Replica DC cant connect to the main DC to be promoted

    Question

  • Hi everyone,

    I have a strange issue with adding an additional DC to be a replica/backup, for a DC that might need some hardware maintenance and not sure how long will be out of order. 

    Both servers are 2012 R2 standard, and when i installed the one i am trying to add as a replica, i had it as evaluation. I have not been able to do anything with it, so i converted it into full retail standard version with a key, and than tried to promote it, it didnt work. Keeps saying that there is some communication. 

    The servers is added into the domain, i can ping the main DC, i can do nslookup, i cant open connection using LDP to port 398.

    DNS is added into advanced settings of IPv4, IPv6 is disabled, as i saw in some other posts to try, firewall is not blocking it because i tried with and without firewall. Server has a static IP, has a DNS role installed (also suggested by some other post), but i keep getting the same error when trying to promote this one into a DC. Event Viewer from time to time gives a NETLOGON error of not being able to contact the DC. Communication is there, i can see it, but something is blocking it from being recognized when i run the dcpromo wizard.

    Monday, March 20, 2017 7:08 PM

All replies

  • Hi

     You should check port accessibility and dns config,run "ipconfig /all" on both and you can check ports with PortQryUI ; https://www.microsoft.com/en-us/download/details.aspx?id=24009

    also you should check dcpromo log's from "%systemroot%\Debug\DCPROMO.LOG" to analyse the issue.                            

    <button class="play_button" disabled="disabled" id="top-playButton" type="button"></button>


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    • Proposed as answer by Todd Heron Monday, March 20, 2017 11:35 PM
    Monday, March 20, 2017 8:30 PM
  • Hi Burak,

    thanks for the reply. i checked the DNS config on both, they are set up properly. not sure what more info ipconfig will give me.

    which ports should i be looking at with PQ. ran the Domains and Trusts service to query, and it showed me this:

    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 135 -p TCP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 135 (epmap service): LISTENING

    Using ephemeral source port
    Querying Endpoint Mapper Database...
    Server's response:

    UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d 
    ncacn_ip_tcp:10.10.15.10[49152]

    UUID: 897e2e5f-93f3-4376-9c9c-fd2277495c27 Frs2 Service
    ncacn_ip_tcp:10.10.15.10[49200]

    UUID: 6b5bdd1e-528c-422c-af8c-a4079be4fe48 Remote Fw APIs
    ncacn_ip_tcp:10.10.15.10[49182]

    UUID: 12345678-1234-abcd-ef00-0123456789ab IPSec Policy agent endpoint
    ncacn_ip_tcp:10.10.15.10[49182]

    UUID: 367abb81-9844-35f1-ad32-98f038001003 
    ncacn_ip_tcp:10.10.15.10[49181]

    UUID: 45f52c28-7f9f-101a-b52b-08002b2efabe 
    ncacn_ip_tcp:10.10.15.10[49177]

    UUID: 45f52c28-7f9f-101a-b52b-08002b2efabe 
    ncacn_np:10.10.15.10[\\pipe\\WinsPipe]

    UUID: 811109bf-a4e1-11d1-ab54-00a0c91e9b45 
    ncacn_ip_tcp:10.10.15.10[49177]

    UUID: 811109bf-a4e1-11d1-ab54-00a0c91e9b45 
    ncacn_np:10.10.15.10[\\pipe\\WinsPipe]

    UUID: 50abc2a4-574d-40b3-9d66-ee4fd5fba076 
    ncacn_ip_tcp:10.10.15.10[49166]

    UUID: 76f03f96-cdfd-44fc-a22c-64950a001209 Spooler function endpoint
    ncacn_np:10.10.15.10[\\pipe\\spoolss]

    UUID: 76f03f96-cdfd-44fc-a22c-64950a001209 Spooler function endpoint
    ncacn_ip_tcp:10.10.15.10[49159]

    UUID: ae33069b-a2a8-46ee-a235-ddfd339be281 Spooler base remote object endpoint
    ncacn_np:10.10.15.10[\\pipe\\spoolss]

    UUID: ae33069b-a2a8-46ee-a235-ddfd339be281 Spooler base remote object endpoint
    ncacn_ip_tcp:10.10.15.10[49159]

    UUID: 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 Spooler function endpoint
    ncacn_np:10.10.15.10[\\pipe\\spoolss]

    UUID: 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 Spooler function endpoint
    ncacn_ip_tcp:10.10.15.10[49159]

    UUID: 4a452661-8290-4b36-8fbe-7f4093a94978 Spooler function endpoint
    ncacn_np:10.10.15.10[\\pipe\\spoolss]

    UUID: 4a452661-8290-4b36-8fbe-7f4093a94978 Spooler function endpoint
    ncacn_ip_tcp:10.10.15.10[49159]

    UUID: 7f1343fe-50a9-4927-a778-0c5859517bac DfsDs service
    ncacn_np:10.10.15.10[\\PIPE\\wkssvc]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_np:10.10.15.10[\\pipe\\lsass]

    UUID: 12345778-1234-abcd-ef00-0123456789ac 
    ncacn_np:10.10.15.10[\\pipe\\lsass]

    UUID: 12345778-1234-abcd-ef00-0123456789ac 
    ncacn_ip_tcp:10.10.15.10[49156]

    UUID: 12345778-1234-abcd-ef00-0123456789ac 
    ncacn_ip_tcp:10.10.15.10[49158]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_np:10.10.15.10[\\pipe\\lsass]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_ip_tcp:10.10.15.10[49156]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_ip_tcp:10.10.15.10[49158]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_http:10.10.15.10[49157]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_np:10.10.15.10[\\pipe\\aa6ae3d2da912cd5]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_np:10.10.15.10[\\pipe\\lsass]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_ip_tcp:10.10.15.10[49156]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_ip_tcp:10.10.15.10[49158]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_http:10.10.15.10[49157]

    UUID: 12345778-1234-abcd-ef00-0123456789ab 
    ncacn_np:10.10.15.10[\\pipe\\aa6ae3d2da912cd5]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_np:10.10.15.10[\\pipe\\lsass]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_ip_tcp:10.10.15.10[49156]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_ip_tcp:10.10.15.10[49158]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_http:10.10.15.10[49157]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_np:10.10.15.10[\\pipe\\aa6ae3d2da912cd5]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_np:10.10.15.10[\\pipe\\lsass]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_ip_tcp:10.10.15.10[49156]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_ip_tcp:10.10.15.10[49158]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_http:10.10.15.10[49157]

    UUID: 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 RemoteAccessCheck
    ncacn_np:10.10.15.10[\\pipe\\aa6ae3d2da912cd5]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_np:10.10.15.10[\\pipe\\lsass]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_ip_tcp:10.10.15.10[49156]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_ip_tcp:10.10.15.10[49158]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_http:10.10.15.10[49157]

    UUID: 12345678-1234-abcd-ef00-01234567cffb 
    ncacn_np:10.10.15.10[\\pipe\\aa6ae3d2da912cd5]

    UUID: 3473dd4d-2e88-4006-9cba-22570909dd10 WinHttp Auto-Proxy Service
    ncacn_np:10.10.15.10[\\PIPE\\W32TIME_ALT]

    UUID: 338cd001-2244-31f1-aaaa-900038001003 RemoteRegistry Interface
    ncacn_np:10.10.15.10[\\PIPE\\winreg]

    UUID: da5a86c5-12c2-4943-ab30-7f74a813d853 RemoteRegistry Perflib Interface
    ncacn_np:10.10.15.10[\\PIPE\\winreg]

    UUID: 1ff70682-0a51-30e8-076d-740be8cee98b 
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f 
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 86d35949-83c9-4044-b424-db363231fd0c 
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 86d35949-83c9-4044-b424-db363231fd0c 
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 3a9ef155-691d-4449-8d05-09ad57031823 
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 3a9ef155-691d-4449-8d05-09ad57031823 
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 1a0d010f-1c33-432c-b0f5-8cf4e8053099 IdSegSrv service
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 1a0d010f-1c33-432c-b0f5-8cf4e8053099 IdSegSrv service
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: 2e6035b2-e8f1-41a7-a044-656b439c4c34 Proxy Manager provider server endpoint
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 2e6035b2-e8f1-41a7-a044-656b439c4c34 Proxy Manager provider server endpoint
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 2e6035b2-e8f1-41a7-a044-656b439c4c34 Proxy Manager provider server endpoint
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 Adh APIs
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 Adh APIs
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 Adh APIs
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: c36be077-e14b-4fe9-8abc-e856ef4f048b Proxy Manager client server endpoint
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: c36be077-e14b-4fe9-8abc-e856ef4f048b Proxy Manager client server endpoint
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: c36be077-e14b-4fe9-8abc-e856ef4f048b Proxy Manager client server endpoint
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1 
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: 201ef99a-7fa0-444c-9399-19ba84f12a1a AppInfo
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 201ef99a-7fa0-444c-9399-19ba84f12a1a AppInfo
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 201ef99a-7fa0-444c-9399-19ba84f12a1a AppInfo
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: 5f54ce7d-5b79-4175-8584-cb65313a0e98 AppInfo
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 5f54ce7d-5b79-4175-8584-cb65313a0e98 AppInfo
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 5f54ce7d-5b79-4175-8584-cb65313a0e98 AppInfo
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 AppInfo
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 AppInfo
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 AppInfo
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: 58e604e8-9adb-4d2e-a464-3b0683fb1480 AppInfo
    ncacn_np:10.10.15.10[\\PIPE\\atsvc]

    UUID: 58e604e8-9adb-4d2e-a464-3b0683fb1480 AppInfo
    ncacn_ip_tcp:10.10.15.10[49154]

    UUID: 58e604e8-9adb-4d2e-a464-3b0683fb1480 AppInfo
    ncacn_np:10.10.15.10[\\PIPE\\srvsvc]

    UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
    ncacn_np:10.10.15.10[\\pipe\\eventlog]

    UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
    ncacn_ip_tcp:10.10.15.10[49153]

    UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
    ncacn_np:10.10.15.10[\\pipe\\eventlog]

    UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
    ncacn_ip_tcp:10.10.15.10[49153]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
    ncacn_np:10.10.15.10[\\pipe\\eventlog]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
    ncacn_ip_tcp:10.10.15.10[49153]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
    ncacn_np:10.10.15.10[\\pipe\\eventlog]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
    ncacn_ip_tcp:10.10.15.10[49153]

    UUID: 76f226c3-ec14-4325-8a99-6a46348418af 
    ncacn_np:10.10.15.10[\\PIPE\\InitShutdown]

    UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d 
    ncacn_np:10.10.15.10[\\PIPE\\InitShutdown]

    Total endpoints found: 104



    ==== End of RPC Endpoint Mapper query response ====
    portqry.exe -n 10.10.15.10 -e 135 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 389 -p BOTH ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 389 (ldap service): LISTENING

    Using ephemeral source port
    Sending LDAP query to TCP port 389...

    LDAP query response:


    currentdate: 03/21/2017 16:53:23 (unadjusted GMT)
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    dsServiceName: CN=NTDS Settings,CN=AGI-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    namingContexts: DC=ANDREWGARRETTINC,DC=COM
    defaultNamingContext: DC=ANDREWGARRETTINC,DC=COM
    schemaNamingContext: CN=Schema,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    configurationNamingContext: CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    rootDomainNamingContext: DC=ANDREWGARRETTINC,DC=COM
    supportedControl: 1.2.840.113556.1.4.319
    supportedLDAPVersion: 3
    supportedLDAPPolicies: MaxPoolThreads
    highestCommittedUSN: 2139018
    supportedSASLMechanisms: GSSAPI
    dnsHostName: AGI-AD.ANDREWGARRETTINC.COM
    ldapServiceName: ANDREWGARRETTINC.COM:agi-ad$@ANDREWGARRETTINC.COM
    serverName: CN=AGI-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    supportedCapabilities: 1.2.840.113556.1.4.800
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 5
    forestFunctionality: 5
    domainControllerFunctionality: 5


    ======== End of LDAP query response ========

    UDP port 389 (unknown service): LISTENING or FILTERED

    Using ephemeral source port
    Sending LDAP query to UDP port 389...

    LDAP query response:


    currentdate: 03/21/2017 16:53:26 (unadjusted GMT)
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    dsServiceName: CN=NTDS Settings,CN=AGI-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    namingContexts: DC=ANDREWGARRETTINC,DC=COM
    defaultNamingContext: DC=ANDREWGARRETTINC,DC=COM
    schemaNamingContext: CN=Schema,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    configurationNamingContext: CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    rootDomainNamingContext: DC=ANDREWGARRETTINC,DC=COM
    supportedControl: 1.2.840.113556.1.4.319
    supportedLDAPVersion: 3
    supportedLDAPPolicies: MaxPoolThreads
    highestCommittedUSN: 2139018
    supportedSASLMechanisms: GSSAPI
    dnsHostName: AGI-AD.ANDREWGARRETTINC.COM
    ldapServiceName: ANDREWGARRETTINC.COM:agi-ad$@ANDREWGARRETTINC.COM
    serverName: CN=AGI-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    supportedCapabilities: 1.2.840.113556.1.4.800
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 5
    forestFunctionality: 5
    domainControllerFunctionality: 5


    ======== End of LDAP query response ========

    UDP port 389 is LISTENING

    portqry.exe -n 10.10.15.10 -e 389 -p BOTH exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 636 -p TCP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 636 (ldaps service): LISTENING
    portqry.exe -n 10.10.15.10 -e 636 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 3268 -p TCP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 3268 (msft-gc service): LISTENING

    Using ephemeral source port
    Sending LDAP query to TCP port 3268...

    LDAP query response:


    currentdate: 03/21/2017 16:53:27 (unadjusted GMT)
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    dsServiceName: CN=NTDS Settings,CN=AGI-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    namingContexts: DC=ANDREWGARRETTINC,DC=COM
    defaultNamingContext: DC=ANDREWGARRETTINC,DC=COM
    schemaNamingContext: CN=Schema,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    configurationNamingContext: CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    rootDomainNamingContext: DC=ANDREWGARRETTINC,DC=COM
    supportedControl: 1.2.840.113556.1.4.319
    supportedLDAPVersion: 3
    supportedLDAPPolicies: MaxPoolThreads
    highestCommittedUSN: 2139018
    supportedSASLMechanisms: GSSAPI
    dnsHostName: AGI-AD.ANDREWGARRETTINC.COM
    ldapServiceName: ANDREWGARRETTINC.COM:agi-ad$@ANDREWGARRETTINC.COM
    serverName: CN=AGI-AD,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ANDREWGARRETTINC,DC=COM
    supportedCapabilities: 1.2.840.113556.1.4.800
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 5
    forestFunctionality: 5
    domainControllerFunctionality: 5


    ======== End of LDAP query response ========
    portqry.exe -n 10.10.15.10 -e 3268 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 3269 -p TCP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 3269 (msft-gc-ssl service): LISTENING
    portqry.exe -n 10.10.15.10 -e 3269 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 53 -p BOTH ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 53 (domain service): LISTENING

    UDP port 53 (domain service): LISTENING
    portqry.exe -n 10.10.15.10 -e 53 -p BOTH exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 88 -p BOTH ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 88 (kerberos service): LISTENING

    UDP port 88 (kerberos service): LISTENING or FILTERED
    portqry.exe -n 10.10.15.10 -e 88 -p BOTH exits with return code 0x00000002.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 445 -p TCP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 445 (microsoft-ds service): LISTENING
    portqry.exe -n 10.10.15.10 -e 445 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 137 -p UDP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    UDP port 137 (netbios-ns service): LISTENING or FILTERED

    Using ephemeral source port
    Attempting NETBIOS adapter status query to UDP port 137...

    Server's response: MAC address 74867af3dace
    UDP port: LISTENING
    portqry.exe -n 10.10.15.10 -e 137 -p UDP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 138 -p UDP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    UDP port 138 (netbios-dgm service): LISTENING or FILTERED
    portqry.exe -n 10.10.15.10 -e 138 -p UDP exits with return code 0x00000002.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 139 -p TCP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 139 (netbios-ssn service): LISTENING
    portqry.exe -n 10.10.15.10 -e 139 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 10.10.15.10 -e 42 -p TCP ...


    Querying target system called:

     10.10.15.10

    Attempting to resolve IP address to a name...


    IP address resolved to agi-ad.andrewgarrettinc.com

    querying...

    TCP port 42 (nameserver service): LISTENING
    portqry.exe -n 10.10.15.10 -e 42 -p TCP exits with return code 0x00000000.

    DCpromo log shows me this, and i`m not quite sure where the issue is:

    dcpromoui E40.E24 0000 14:14:28.570 opening log file C:\Windows\debug\dcpromoui.log
    dcpromoui E40.E24 0001 14:14:28.570 C:\Windows\system32\wsmprovhost.exe
    dcpromoui E40.E24 0002 14:14:28.570 file timestamp 10/28/2014 22:18:58.724
    dcpromoui E40.E24 0003 14:14:28.570 C:\Windows\system32\dcpromocmd.dll
    dcpromoui E40.E24 0004 14:14:28.570 file timestamp 01/14/2017 23:42:10.011
    dcpromoui E40.E24 0005 14:14:28.570 local time 03/20/2017 14:14:28.570
    dcpromoui E40.E24 0006 14:14:28.570 running Windows NT 6.3 build 9600  (BuildLab:9600.winblue_ltsb.170204-0600) amd64
    dcpromoui E40.E24 0007 14:14:28.570 logging flags 0001007C
    dcpromoui E40.E24 0008 14:14:28.570 Enter CbsGetUpdateInstallState
    dcpromoui E40.E24 0009 14:14:28.570   The category is 0
    dcpromoui E40.E24 000A 14:14:28.570   Enter FindRoleInfo
    dcpromoui E40.E24 000B 14:14:28.570     Enter CheckIsServerCore
    dcpromoui E40.E24 000C 14:14:28.570       It is not on server foundation
    dcpromoui E40.E24 000D 14:14:28.570       HRESULT = 0x00000000
    dcpromoui E40.E24 000E 14:14:28.570   Enter GetUpdateName
    dcpromoui E40.E24 000F 14:14:28.570   Enter GetPackageName
    dcpromoui E40.E24 0010 14:14:28.673     Package name for Microsoft-Windows-ServerCore-Package is Microsoft-Windows-ServerCore-Package~31bf3856ad364e35~amd64~~6.3.9600.16384
    dcpromoui E40.E24 0011 14:14:28.678   Enter CbsGetUpdateInstallState
    dcpromoui E40.E24 0012 14:14:28.678     package name is Microsoft-Windows-ServerCore-Package~31bf3856ad364e35~amd64~~6.3.9600.16384 and update name is DirectoryServices-DomainController
    dcpromoui E40.E24 0013 14:14:29.019   HRESULT = 0x00000000
    dcpromoui E40.E24 0014 14:14:29.019 Enter CbsIsRebootRequired
    dcpromoui E40.CC4 0015 14:14:29.215 Enter GetProductTypeFromRegistry
    dcpromoui E40.CC4 0016 14:14:29.220   Enter RegistryKey::Open System\CurrentControlSet\Control\ProductOptions
    dcpromoui E40.CC4 0017 14:14:29.220   Enter RegistryKey::GetValue-String ProductType
    dcpromoui E40.CC4 0018 14:14:29.220   ServerNT
    dcpromoui E40.CC4 0019 14:14:29.220   prodtype : 0x3
    dcpromoui E40.8C8 001A 14:14:34.060 Enter GetExistingAccountForComputerInReplicaDomain
    dcpromoui E40.8C8 001B 14:14:34.060   START TEST: GetExistingAccountForComputerInReplicaDomain
    dcpromoui E40.8C8 001C 14:14:34.061   Enter Computer::RemoveLeadingBackslashes 
    dcpromoui E40.8C8 001D 14:14:34.072   Using empty constructor
    dcpromoui E40.8C8 001E 14:14:34.072   Enter Computer::Refresh
    dcpromoui E40.8C8 001F 14:14:34.072     Enter IsLocalComputer
    dcpromoui E40.8C8 0020 14:14:34.072     Enter RefreshLocalInformation
    dcpromoui E40.8C8 0021 14:14:34.072     Enter GetProductTypeFromRegistry
    dcpromoui E40.8C8 0022 14:14:34.072       Enter RegistryKey::Open System\CurrentControlSet\Control\ProductOptions
    dcpromoui E40.8C8 0023 14:14:34.072       Enter RegistryKey::GetValue-String ProductType
    dcpromoui E40.8C8 0024 14:14:34.072       ServerNT
    dcpromoui E40.8C8 0025 14:14:34.072       prodtype : 0x3
    dcpromoui E40.8C8 0026 14:14:34.072     Enter GetSafebootOption
    dcpromoui E40.8C8 0027 14:14:34.072       Enter RegistryKey::Open System\CurrentControlSet\Control\SafeBoot\Option
    dcpromoui E40.8C8 0028 14:14:34.072       HRESULT = 0x80070002
    dcpromoui E40.8C8 0029 14:14:34.072       returning : 0x0
    dcpromoui E40.8C8 002A 14:14:34.072     Enter DetermineRoleAndMembership
    dcpromoui E40.8C8 002B 14:14:34.072       Enter MyDsRoleGetPrimaryDomainInformation
    dcpromoui E40.8C8 002C 14:14:34.072         Enter MyDsRoleGetPrimaryDomainInformationHelper
    dcpromoui E40.8C8 002D 14:14:34.072           Calling DsRoleGetPrimaryDomainInformation
    dcpromoui E40.8C8 002E 14:14:34.072           lpServer  : (null)
    dcpromoui E40.8C8 002F 14:14:34.072           InfoLevel : 0x1 (DsRolePrimaryDomainInfoBasic)
    dcpromoui E40.8C8 0030 14:14:34.072           HRESULT = 0x00000000
    dcpromoui E40.8C8 0031 14:14:34.072         MachineRole      : 0x3
    dcpromoui E40.8C8 0032 14:14:34.072         Flags            : 0x1000000
    dcpromoui E40.8C8 0033 14:14:34.072         DomainNameFlat   : ANDREWGARRETT
    dcpromoui E40.8C8 0034 14:14:34.072         DomainNameDns    : ANDREWGARRETTINC.COM
    dcpromoui E40.8C8 0035 14:14:34.072         DomainForestName : ANDREWGARRETTINC.COM
    dcpromoui E40.8C8 0036 14:14:34.073       Enter IsDcInRepairMode
    dcpromoui E40.8C8 0037 14:14:34.073   HRESULT = 0x00000000
    dcpromoui E40.8C8 0038 14:14:34.073   Enter State::DetermineRunContext
    dcpromoui E40.8C8 0039 14:14:34.079     Enter DS::GetPriorServerRole
    dcpromoui E40.8C8 003A 14:14:34.079       Enter MyDsRoleGetPrimaryDomainInformation
    dcpromoui E40.8C8 003B 14:14:34.079         Enter MyDsRoleGetPrimaryDomainInformationHelper
    dcpromoui E40.8C8 003C 14:14:34.079           Calling DsRoleGetPrimaryDomainInformation
    dcpromoui E40.8C8 003D 14:14:34.079           lpServer  : (null)
    dcpromoui E40.8C8 003E 14:14:34.079           InfoLevel : 0x2 (DsRoleUpgradeStatus)
    dcpromoui E40.8C8 003F 14:14:34.079           HRESULT = 0x00000000
    dcpromoui E40.8C8 0040 14:14:34.079         OperationState      : 0
    dcpromoui E40.8C8 0041 14:14:34.079         PreviousServerState : 0
    dcpromoui E40.8C8 0042 14:14:34.079     Enter Computer::GetNetbiosName
    dcpromoui E40.8C8 0043 14:14:34.079       AGIDC01
    dcpromoui E40.8C8 0044 14:14:34.079     Enter Computer::GetRole AGIDC01
    dcpromoui E40.8C8 0045 14:14:34.079       role: 3
    dcpromoui E40.8C8 0046 14:14:34.079     NT5_MEMBER_SERVER
    dcpromoui E40.8C8 0047 14:14:34.079   Enter State::GetRunContext NT5_MEMBER_SERVER
    dcpromoui E40.8C8 0048 14:14:34.080   Enter FS::GetPathSyntax C:\Windows\system32
    dcpromoui E40.8C8 0049 14:14:34.080   HRESULT = 0x00000000
    dcpromoui E40.8C8 004A 14:14:34.080   Enter State::SetMode STAGETWO
    dcpromoui E40.8C8 004B 14:14:34.080   Enter State::SetOperation REPLICA
    dcpromoui E40.8C8 004C 14:14:34.080   Enter GetCredentialsFunctInternal
    dcpromoui E40.8C8 004D 14:14:34.080     Enter ShouldSkipCredentialsPage
    dcpromoui E40.8C8 004E 14:14:34.080       Enter State::GetOperation REPLICA
    dcpromoui E40.8C8 004F 14:14:34.080     using empty user domain name
    dcpromoui E40.8C8 0050 14:14:34.080     Enter State::GetOperation REPLICA
    dcpromoui E40.8C8 0051 14:14:34.082     Enter GetForestName ANDREWGARRETTINC.COM
    dcpromoui E40.8C8 0052 14:14:34.082       Enter MyDsGetDcName
    dcpromoui E40.8C8 0053 14:14:34.082         Enter MyDsGetDcName2
    dcpromoui E40.8C8 0054 14:14:34.082           Calling DsGetDcName
    dcpromoui E40.8C8 0055 14:14:34.082           ComputerName : (null)
    dcpromoui E40.8C8 0056 14:14:34.082           DomainName   : ANDREWGARRETTINC.COM
    dcpromoui E40.8C8 0057 14:14:34.082           DomainGuid   : (null)
    dcpromoui E40.8C8 0058 14:14:34.082           SiteName     : (null)
    dcpromoui E40.8C8 0059 14:14:34.082           Flags        : 0x40000000
    dcpromoui E40.8C8 005A 14:14:34.084           HRESULT = 0x8007054B
    dcpromoui E40.8C8 005B 14:14:34.084           Trying again w/ rediscovery
    dcpromoui E40.8C8 005C 14:14:34.084           HRESULT = 0x8007054B
    dcpromoui E40.8C8 005D 14:14:34.084     using forest name 
    dcpromoui E40.8C8 005E 14:14:34.096   GetExistingAccountForComputerInReplicaDomain error message: An Active Directory domain controller for the domain "ANDREWGARRETTINC.COM" could not be contacted.

    Ensure that you supplied the correct DNS domain name.



    dcpromoui E40.8C8 005F 14:14:34.096   Test Failed
    dcpromoui E40.8C8 0060 14:14:34.096   GetExistingAccountForComputerInReplicaDomain returns exit code: 25
    dcpromoui E40.8C8 0061 14:14:34.096   END TEST: GetExistingAccountForComputerInReplicaDomain
    dcpromoui E40.8C8 0062 14:14:34.099   Enter State::UnbindFromReplicationPartnetDC
    dcpromoui E40.DF8 0063 14:14:56.650 Enter GetExistingAccountForComputerInReplicaDomain
    dcpromoui E40.DF8 0064 14:14:56.650   START TEST: GetExistingAccountForComputerInReplicaDomain
    dcpromoui E40.DF8 0065 14:14:56.650   Enter Computer::RemoveLeadingBackslashes 
    dcpromoui E40.DF8 0066 14:14:56.650   Using empty constructor
    dcpromoui E40.DF8 0067 14:14:56.650   Enter Computer::Refresh
    dcpromoui E40.DF8 0068 14:14:56.650     Enter IsLocalComputer
    dcpromoui E40.DF8 0069 14:14:56.650     Enter RefreshLocalInformation
    dcpromoui E40.DF8 006A 14:14:56.650     Enter GetProductTypeFromRegistry
    dcpromoui E40.DF8 006B 14:14:56.650       Enter RegistryKey::Open System\CurrentControlSet\Control\ProductOptions
    dcpromoui E40.DF8 006C 14:14:56.651       Enter RegistryKey::GetValue-String ProductType
    dcpromoui E40.DF8 006D 14:14:56.651       ServerNT
    dcpromoui E40.DF8 006E 14:14:56.651       prodtype : 0x3
    dcpromoui E40.DF8 006F 14:14:56.651     Enter GetSafebootOption
    dcpromoui E40.DF8 0070 14:14:56.651       Enter RegistryKey::Open System\CurrentControlSet\Control\SafeBoot\Option
    dcpromoui E40.DF8 0071 14:14:56.651       HRESULT = 0x80070002
    dcpromoui E40.DF8 0072 14:14:56.651       returning : 0x0
    dcpromoui E40.DF8 0073 14:14:56.651     Enter DetermineRoleAndMembership
    dcpromoui E40.DF8 0074 14:14:56.651       Enter MyDsRoleGetPrimaryDomainInformation
    dcpromoui E40.DF8 0075 14:14:56.651         Enter MyDsRoleGetPrimaryDomainInformationHelper
    dcpromoui E40.DF8 0076 14:14:56.651           Calling DsRoleGetPrimaryDomainInformation
    dcpromoui E40.DF8 0077 14:14:56.651           lpServer  : (null)
    dcpromoui E40.DF8 0078 14:14:56.651           InfoLevel : 0x1 (DsRolePrimaryDomainInfoBasic)
    dcpromoui E40.DF8 0079 14:14:56.651           HRESULT = 0x00000000
    dcpromoui E40.DF8 007A 14:14:56.651         MachineRole      : 0x3
    dcpromoui E40.DF8 007B 14:14:56.651         Flags            : 0x1000000
    dcpromoui E40.DF8 007C 14:14:56.651         DomainNameFlat   : ANDREWGARRETT
    dcpromoui E40.DF8 007D 14:14:56.651         DomainNameDns    : ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 007E 14:14:56.651         DomainForestName : ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 007F 14:14:56.651       Enter IsDcInRepairMode
    dcpromoui E40.DF8 0080 14:14:56.651   HRESULT = 0x00000000
    dcpromoui E40.DF8 0081 14:14:56.651   Enter State::DetermineRunContext
    dcpromoui E40.DF8 0082 14:14:56.651     Enter DS::GetPriorServerRole
    dcpromoui E40.DF8 0083 14:14:56.651       Enter MyDsRoleGetPrimaryDomainInformation
    dcpromoui E40.DF8 0084 14:14:56.651         Enter MyDsRoleGetPrimaryDomainInformationHelper
    dcpromoui E40.DF8 0085 14:14:56.651           Calling DsRoleGetPrimaryDomainInformation
    dcpromoui E40.DF8 0086 14:14:56.651           lpServer  : (null)
    dcpromoui E40.DF8 0087 14:14:56.651           InfoLevel : 0x2 (DsRoleUpgradeStatus)
    dcpromoui E40.DF8 0088 14:14:56.651           HRESULT = 0x00000000
    dcpromoui E40.DF8 0089 14:14:56.651         OperationState      : 0
    dcpromoui E40.DF8 008A 14:14:56.651         PreviousServerState : 0
    dcpromoui E40.DF8 008B 14:14:56.651     Enter Computer::GetNetbiosName
    dcpromoui E40.DF8 008C 14:14:56.651       AGIDC01
    dcpromoui E40.DF8 008D 14:14:56.651     Enter Computer::GetRole AGIDC01
    dcpromoui E40.DF8 008E 14:14:56.651       role: 3
    dcpromoui E40.DF8 008F 14:14:56.651     NT5_MEMBER_SERVER
    dcpromoui E40.DF8 0090 14:14:56.651   Enter State::GetRunContext NT5_MEMBER_SERVER
    dcpromoui E40.DF8 0091 14:14:56.652   Enter FS::GetPathSyntax C:\
    dcpromoui E40.DF8 0092 14:14:56.652   HRESULT = 0x00000000
    dcpromoui E40.DF8 0093 14:14:56.652   Enter State::SetMode STAGETWO
    dcpromoui E40.DF8 0094 14:14:56.652   Enter State::SetOperation REPLICA
    dcpromoui E40.DF8 0095 14:14:56.652   Enter GetCredentialsFunctInternal
    dcpromoui E40.DF8 0096 14:14:56.652     Enter ShouldSkipCredentialsPage
    dcpromoui E40.DF8 0097 14:14:56.652       Enter State::GetOperation REPLICA
    dcpromoui E40.DF8 0098 14:14:56.652     using empty user domain name
    dcpromoui E40.DF8 0099 14:14:56.652     Enter State::GetOperation REPLICA
    dcpromoui E40.DF8 009A 14:14:56.652     Enter GetForestName ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 009B 14:14:56.652       Enter MyDsGetDcName
    dcpromoui E40.DF8 009C 14:14:56.652         Enter MyDsGetDcName2
    dcpromoui E40.DF8 009D 14:14:56.652           Calling DsGetDcName
    dcpromoui E40.DF8 009E 14:14:56.652           ComputerName : (null)
    dcpromoui E40.DF8 009F 14:14:56.652           DomainName   : ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00A0 14:14:56.652           DomainGuid   : (null)
    dcpromoui E40.DF8 00A1 14:14:56.652           SiteName     : (null)
    dcpromoui E40.DF8 00A2 14:14:56.652           Flags        : 0x40000000
    dcpromoui E40.DF8 00A3 14:14:56.652           HRESULT = 0x00000000
    dcpromoui E40.DF8 00A4 14:14:56.652           DomainControllerName    : \\AGI-AD.ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00A5 14:14:56.652           DomainControllerAddress : \\10.10.15.10
    dcpromoui E40.DF8 00A6 14:14:56.652           DomainGuid              : {7F6DE6A9-1DF6-40FD-9AE9-296B3911FDB4}
    dcpromoui E40.DF8 00A7 14:14:56.652           DomainName              : ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00A8 14:14:56.652           DnsForestName           : ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00A9 14:14:56.652           Flags                   : 0xE00071FD:
    dcpromoui E40.DF8 00AA 14:14:56.652           DcSiteName              : Default-First-Site-Name
    dcpromoui E40.DF8 00AB 14:14:56.652           ClientSiteName          : Default-First-Site-Name
    dcpromoui E40.DF8 00AC 14:14:56.652     using forest name ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00AD 14:14:56.652     Enter State::GetOperation REPLICA
    dcpromoui E40.DF8 00AE 14:14:56.652     Enter State::SetForestName ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00AF 14:14:56.652     Enter State::SetTargetDomainName ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00B0 14:14:56.652     Enter CheckUserIsLocal
    dcpromoui E40.DF8 00B1 14:14:56.652     Enter State::GetOperation REPLICA
    dcpromoui E40.DF8 00B2 14:14:56.652     Enter State::ReadDomains
    dcpromoui E40.DF8 00B3 14:14:56.652       Enter State::GetTargetDomainName
    dcpromoui E40.DF8 00B4 14:14:56.652         Enter State::GetOperation REPLICA
    dcpromoui E40.DF8 00B5 14:14:56.652         target domain name: ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00B6 14:14:56.652       Enter CDomains::ReadDomains
    dcpromoui E40.DF8 00B7 14:14:56.657         Enter MyDsEnumerateDomainTrusts
    dcpromoui E40.DF8 00B8 14:14:56.657           Enter GetDcName
    dcpromoui E40.DF8 00B9 14:14:56.657             Enter GetDcName2
    dcpromoui E40.DF8 00BA 14:14:56.657               Enter MyDsGetDcName2
    dcpromoui E40.DF8 00BB 14:14:56.657                 Calling DsGetDcName
    dcpromoui E40.DF8 00BC 14:14:56.657                 ComputerName : (null)
    dcpromoui E40.DF8 00BD 14:14:56.657                 DomainName   : ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00BE 14:14:56.657                 DomainGuid   : (null)
    dcpromoui E40.DF8 00BF 14:14:56.657                 SiteName     : (null)
    dcpromoui E40.DF8 00C0 14:14:56.657                 Flags        : 0x40000011
    dcpromoui E40.DF8 00C1 14:14:56.658                 HRESULT = 0x8007054B
    dcpromoui E40.DF8 00C2 14:14:56.658               HRESULT = 0x8007054B
    dcpromoui E40.DF8 00C3 14:14:56.658           HRESULT = 0x8007054B
    dcpromoui E40.DF8 00C4 14:14:56.658           HRESULT = 0x8007054B
    dcpromoui E40.DF8 00C5 14:14:56.658         HRESULT = 0x8007054B
    dcpromoui E40.DF8 00C6 14:14:56.658         HRESULT = 0x8007054B
    dcpromoui E40.DF8 00C7 14:14:56.658     failed trying to read domains, returned 0x8007054B
    dcpromoui E40.DF8 00C8 14:14:56.658     Enter State::GetTargetDomainName
    dcpromoui E40.DF8 00C9 14:14:56.658       Enter State::GetOperation REPLICA
    dcpromoui E40.DF8 00CA 14:14:56.658       target domain name: ANDREWGARRETTINC.COM
    dcpromoui E40.DF8 00CB 14:14:56.658   GetExistingAccountForComputerInReplicaDomain error message: An Active Directory domain controller for the domain "ANDREWGARRETTINC.COM" could not be contacted.

    Ensure that you supplied the correct DNS domain name.

    There is more, but it seems to be repeating.

    Sorry, i dont have as much experience to see in this log what the exact issue might be. 

    Thanks for your help



    mist82

    Tuesday, March 21, 2017 4:57 PM
  • The error is;

    An Active Directory domain controller for the domain "ANDREWGARRETTINC.COM" could not be contacted.
    Ensure that you supplied the correct DNS domain name

     Also check ip config on DC,primary dns ip address need to be point to itself,and other server dns ip needs to point to dc's ip address.

    And also please share "dcdiag" result from DC..


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Tuesday, March 21, 2017 9:24 PM
  • well, that is the error i spoke about in my first post. i know that it cant be contacted, that is the reason of my issue to begin with.

    domain name is correct, admin credentials are correct

    dns set on the DC is its own IP

    the other servers dns is set to the main DC address

    as i mentioned, there is communication between them when i try to ping, and do nslookup, but dc promo wont communicate with the DC.

    Below is the dcdiag output. I see this 

    "Doing primary tests

       Testing server: Default-First-Site-Name\AGI-AD

          Skipping all tests, because server AGI-AD is not responding to directory

          service requests." and not sure why i am getting that

    C:\Users\Administrator>dcdiag

    Directory Server Diagnosis

    Performing initial setup:

       Trying to find home server...

       Home Server = AGI-AD

       * Identified AD Forest.

       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\AGI-AD

          Starting test: Connectivity

             An error that is usually temporary occurred during DNS host lookup.

             Please try again later.

             Got error while checking LDAP and RPC connectivity. Please check your

             firewall settings.

             ......................... AGI-AD failed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\AGI-AD

          Skipping all tests, because server AGI-AD is not responding to directory

          service requests.

       Running partition tests on : ForestDnsZones

          Starting test: CheckSDRefDom

             ......................... ForestDnsZones passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... ForestDnsZones passed test

             CrossRefValidation

       Running partition tests on : DomainDnsZones

          Starting test: CheckSDRefDom

             ......................... DomainDnsZones passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... DomainDnsZones passed test

             CrossRefValidation

       Running partition tests on : Schema

          Starting test: CheckSDRefDom

             ......................... Schema passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... Schema passed test CrossRefValidation

       Running partition tests on : Configuration

          Starting test: CheckSDRefDom

             ......................... Configuration passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... Configuration passed test CrossRefValidation

       Running partition tests on : ANDREWGARRETTINC

          Starting test: CheckSDRefDom

             ......................... ANDREWGARRETTINC passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... ANDREWGARRETTINC passed test

             CrossRefValidation

       Running enterprise tests on : ANDREWGARRETTINC.COM

          Starting test: LocatorCheck

             ......................... ANDREWGARRETTINC.COM passed test

             LocatorCheck

          Starting test: Intersite

             ......................... ANDREWGARRETTINC.COM passed test Intersite

    C:\Users\Administrator>


    mist82

    Wednesday, March 22, 2017 2:48 PM
  • Seems dns could not works properly,restart netlogon service to re-register all necessary DNS records.
    follow the steps also;

    https://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

    Also make sure Dynamic Updates are enabled on your DNS Zone.


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Wednesday, March 22, 2017 8:09 PM
  • Have you verified all the required network ports including UDP? You need to check the DNS resolution and firewall, that should resolve the issue.
    Thursday, March 23, 2017 12:19 PM
  • It looks like wrong DNS configuration over NIC properties. Please check below link and correct DNS configuration and then restart Netlogon (if the server is already domain joined). Connectivity test fails when DNS settings are wrong. You need to fix this first. If this configuration doesn't fix the issues then  check Debug logs for DCPromo errors (C:\Windows\Debug).

    DNS Best Practice on DC

    Thursday, March 23, 2017 2:46 PM
  • Thanks,

    ive followed the article, done exactly as it said, no luck.

    also dcpromo log i posted a bit above, pretty long, but the error that it displays is 

    dcpromoui DEC.628 02D5 13:09:25.058   GetExistingAccountForComputerInReplicaDomain error message: An Active Directory domain controller for the domain "ANDREWGARRETTINC.COM" could not be contacted.

    Ensure that you supplied the correct DNS domain name.

    domain name is correct. went over this with Burak as well (Burak thanks for help).

    so far no suggestions worked :-(

    i had a Microsoft Cloud architect go through the whole thing with me as well, he has no idea what is going on either.


    mist82

    Thursday, March 23, 2017 5:12 PM
  • Tried that, also did the NIC binding from the link you suggested. This did not resolve the issue

    Also Dynamic Updates part, its set to "Primary zone" and "Store the zone in Active Directory" is selected.


    mist82

    Thursday, March 23, 2017 7:03 PM
  • would you mind sharing all the ports i have to check, or reference a link for this please? this is one part i didnt do on the network firewall.

    mist82

    Thursday, March 23, 2017 7:09 PM
  • i have these errors in the DNS section of the server manager

    AGI-AD Error DNS: The DNS server ::1 on the Broadcom NetXtreme Gigabit Ethernet #4 must resolve PDC resource records for the domain controller

    Configuration

    AGI-AD Error DNS: The DNS server 10.10.15.10 on the Broadcom NetXtreme Gigabit Ethernet #4 must resolve PDC resource records for the domain controller Configuration
    AGI-AD Error DNS: Zone _msdcs.ANDREWGARRETTINC.COM is an Active Directory integrated DNS Zone and must be available. Configuration
    AGI-AD Error DNS: The DNS server 127.0.0.1 on the Broadcom NetXtreme Gigabit Ethernet #4 must resolve PDC resource records for the domain controller Configuration
    AGI-AD Error DNS: The DNS server 127.0.0.1 on Broadcom NetXtreme Gigabit Ethernet #4 must resolve Global Catalog resource records for the domain controller Configuration
    AGI-AD Error DNS: DNS servers on Broadcom NetXtreme Gigabit Ethernet #4 should include the loopback address, but not as the first entry. Configuration
    AGI-AD Error DNS: The DNS server 10.10.15.10 on Broadcom NetXtreme Gigabit Ethernet #4 must resolve Global Catalog resource records for the domain controller Configuration
    AGI-AD Error DNS: The DNS server ::1 on Broadcom NetXtreme Gigabit Ethernet #4 must resolve Global Catalog resource records for the domain controller Configuration


    mist82

    Thursday, March 23, 2017 7:17 PM
  • also these in AD DS section

    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record Kdc from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record DsaCname from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record KdcAtSite from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record DcAtSite from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record Dc from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record Gc from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record Pdc from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record GcAtSite from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record GcIpAddress from the DNS servers Configuration
    AGI-AD Error The AD DS BPA should be able to collect data about the DNS record DcByGuid from the DNS servers

    Something is obviously up with DNS here, but i have no idea where to look in any more


    mist82

    Thursday, March 23, 2017 7:19 PM
  • would you mind sharing all the ports i have to check, or reference a link for this please? this is one part i didnt do on the network firewall.

    mist82

    Active Directory Replication over Firewalls

    https://msdn.microsoft.com/en-us/library/bb727063.aspx


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Thursday, March 23, 2017 8:20 PM
  • Make sure you enable the dynamic ports too 

    https://support.microsoft.com/en-us/help/832017/service-overview-and-network-port-requirements-for-windows#4

    Friday, March 24, 2017 5:54 AM
  • Hi,

    Just checking in to see if the information provided was helpful. And if the replies as above are helpful, we would appreciate you to mark them as answers, please let us know if you would like further assistance.

    Best Regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, March 27, 2017 8:27 AM
    Moderator
  • As these errors I think DNS records and SRV records are not resolved by newDC. Run below commands to get some idea.

    From elevated command prompt ping ANDREWGARRETTINC.COM, is it resolving to any IP or not. Then run nltest /dsgetdc:ANDREWGARRETTINC.COM, see which DC this server is pointing to. Ping that DC with name and IP address. If ping is working then change DNS pointing on NIC card to that DC as primary DNS. and remove 127.0.0.1 from NIC card DNS settings. Before promoting server as DC, start restart Netlogon service or run below command.

    net stop netlogon & ipconfig /flushdns & net start netlogon & ipconfig /registerdns


    • Edited by VenkatSP Monday, March 27, 2017 2:04 PM update
    Monday, March 27, 2017 1:07 PM