none
Reliability of nltest for secure channel

    Question

  • Among the 4 domain controllers in my single-forest/single-domain, I have one DC which fails the nltest /sc_verify:mydomain.com. It spits out "I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH domain.  It does, however, replicate with the remaining 3 DC's just fine (via repadmin /syncall or /replsummary).  It fails on the powershell Test-ComputerSecureChannel but gives an "OK" using gwmi win32_ntdomain.  I have checked DNS and the appropriate SRV records as per https://support.microsoft.com/en-us/kb/241515 ). How reliable is nltest when run against a domain controller?  I have seen posting that indicate if replication is occurring, nltest must be wrong if it throws an error. Please advise and any possible solutions you could direct me should the DC's secure channel be broken. Thanks.

    Friday, December 30, 2016 5:56 PM

All replies