none
Server 2016 DC02 AD not working without DC01

    Question

  • Hi, Active Directory or Group Policy wont work without DC01 on. DC01 is windows server 2016 Technical Preview 5. I have already transferred FSMO roles to DC02 which is the release build of Windows Server 2016. i moved FSMO roles to DC02 running the following command: Move-ADDirectoryServerOperationMasterRole -Identity FERRAZ1 -OperationMasterRole SchemaMaster, DomainNamingMaster, PDCEmulator, RIDMaster, InfrastructureMaster

    DC01 reads as DC02 being the operations master but DC02 still can't access Active Directory or Group Policy without DC01 being on. any advice? 

    when DC02 is on only ADDS throws me this error: Naming Information cannot be located for the following reason: The Server is not operational

    Regards

    Josh



    Monday, January 16, 2017 2:56 AM

Answers

  • Thanks for everything, unfortunately nothing succeeded so in the end, i stood up a new domain wiping the old one. 
    • Marked as answer by Joshua Ferraz Sunday, February 5, 2017 5:36 AM
    Sunday, February 5, 2017 5:36 AM

All replies

  • Probably something DNS related. Need some info:

    What are the IP addresses of DC01 and DC02.

    What are the DNS settings in the IP configuration settings for the NICs on each DC?

    What is the domain name?

    Are the correct AD related records in DNS for both DCs?

    Is AD and DNS replication working?

    Any relevant errors in the event logs when both systems are on?

    Thanks

    Ed

    Monday, January 16, 2017 3:30 AM
  • DC02 runs through a VM with a physical disk as boot drive on DC01 when DC01 is active, when DC01 is off DC02 runs on its own. 

    DC01 is 192.168.0.20, DC02 is 192.168.0.21 

    DC01 DNS is 192.168.0.1, DC02 DNS is 192.168.0.1 on Both VM and physical bootits 192.168.0.1)

    Domain is FerrazServer.local

    Dont understand what AD related records is.

    I just used connect to server from DNS just now and it worked, Dont know what AD replication is

    no, there are no relevant errors in event viewer

    PS. In operations master under ADDS in DC01, it reads operations master for everything ERROR, while DC02 reads itself like its meant to and also has DC01 below the change button. could this be related?


    Monday, January 16, 2017 6:51 AM
  • Hi

     Please share "dcdiag","repadmin /replsum","netdom query fsmo" results to check the issue.


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Monday, January 16, 2017 7:11 AM
  • ALL have been run on DC02 when its on is own with DC01 offline, (DC02 should be the operations master):

    Windows PowerShell
    Copyright (C) 2016 Microsoft Corporation. All rights reserved.

    PS C:\Users\Administrator.FERRAZSERVER> dcdiag

    Directory Server Diagnosis

    Performing initial setup:
       Trying to find home server...
       Home Server = FERRAZ1
       * Identified AD Forest.
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\FERRAZ1
          Starting test: Connectivity
             The host 1b037bf4-2b19-447b-9b24-d4b604be524f._msdcs.FerrazServer.local could not be resolved to an IP
             address. Check the DNS server, DHCP, server name, etc.
             Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
             ......................... FERRAZ1 failed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\FERRAZ1
          Skipping all tests, because server FERRAZ1 is not responding to directory service requests.


       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation

       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation

       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation

       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation

       Running partition tests on : FerrazServer
          Starting test: CheckSDRefDom
             ......................... FerrazServer passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... FerrazServer passed test CrossRefValidation

       Running enterprise tests on : FerrazServer.local
          Starting test: LocatorCheck
             Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
             A Global Catalog Server could not be located - All GC's are down.
             Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
             A Time Server could not be located.
             The server holding the PDC role is down.
             Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
             A Good Time Server could not be located.
             Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
             A KDC could not be located - All the KDCs are down.
             ......................... FerrazServer.local failed test LocatorCheck
          Starting test: Intersite
             ......................... FerrazServer.local passed test Intersite
    PS C:\Users\Administrator.FERRAZSERVER> repadmin /replsum
    Replication Summary Start Time: 2017-01-16 17:38:49

    Beginning data collection for replication summary, this may take awhile:
      .....


    Source DSA          largest delta    fails/total %%   error
     FERRAZ                01h:01m:16s    5 /   5  100  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.


    Destination DSA     largest delta    fails/total %%   error
     FERRAZ1               01h:01m:16s    5 /   5  100  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.


    Experienced the following operational errors trying to retrieve replication information:
              58 - Ferraz.FerrazServer.local
    PS C:\Users\Administrator.FERRAZSERVER> netdom query fsmo
    The specified domain either does not exist or could not be contacted.

    The command failed to complete successfully.

    PS C:\Users\Administrator.FERRAZSERVER>
























    Monday, January 16, 2017 7:40 AM
  • Hi

     Seems there is a port accessibility issue on your dc's(disable FW on both DC and check rules on network side.).You should verify necessary ports are accessible on both DC.You can verify with PortQryUI;

    https://www.microsoft.com/en-us/download/details.aspx?id=24009


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Monday, January 16, 2017 10:01 AM
  • install DNS on the other DC, too. Also, make sure that you allow Secure and non-secure updates to the zone, when troubleshooting.

    Then try running:

    ipconfig /registerdns

    and restart the Net Logon service at the problem server.

     If above does not help then most probabale chance is   that all available network ports were consumed. You can easily check this by running

    netstat -an >c:\portlist.txt

    If there are hundreds or thousands of rows of used ports in the portlist.txt, this could be the case. Naturally, the number of ports used and not freed for reuse increases during time.
    Monday, January 16, 2017 11:51 AM
  • Do not disable the firewall or change settings there yet.

    You need to run the diagnostics command with both DCs running.

    The commands, in part, test communication between domain controllers which it cannot do when one is turned off.

    In one of your posts you state "DC02 runs through a VM with a physical disk as boot drive on DC01 when DC01 is active, when DC01 is off DC02 runs on its own." Please explain.

    Do you mean that DC02 is a Virtual Machine? It's disk is on DC01? Does that mean the DC01 is the host running Hyper-V?

    DNS should be installed on both DCs.

    The DNS settings in NIC config on DC01 should be Preferred DNS = IP of DC02. Alternate DNS = IP of DC01.

    The DNS settings in NIC config on DC02 should be Preferred DNS = IP of DC01. Alternate DNS = IP of DC02.

    What do you mean by "physical bootits 192.168.0.1"?

    Thanks

    Ed

    Monday, January 16, 2017 7:19 PM
  • i use VMware workstation, instead of using a virtual hard disk, i use a physical disk for boot (a physical hard drive) whenever DC01 is on, DC02 runs through a VM. Whenever DC01 is off, i boot DC02 like a normal OS.

    What i mean is that DC02 is installed on my External WD Elements HDD and VMware Workstation uses that external drive as a boot drive. When DC01 is shut down, i boot DC02 from my boot selector in the BIOS.

    What i am trying to do is migrate AD completely over to DC02 and demote DC01.

    here are the results with DC01 on as well (Ran from DC02)

    DC01 is Ferraz.FerrazServer.local

    DC02 is Ferraz1.FerrazSerer.local

    Windows PowerShell
    Copyright (C) 2016 Microsoft Corporation. All rights reserved.

    PS C:\Users\Administrator.FERRAZSERVER> dcdiag

    Directory Server Diagnosis

    Performing initial setup:
       Trying to find home server...
       Home Server = FERRAZ1
       * Identified AD Forest.
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\FERRAZ1
          Starting test: Connectivity
             ......................... FERRAZ1 passed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\FERRAZ1
          Starting test: Advertising
             Warning: DsGetDcName returned information for \\Ferraz.FerrazServer.local, when we were trying to reach
             FERRAZ1.
             SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
             ......................... FERRAZ1 failed test Advertising
          Starting test: FrsEvent
             ......................... FERRAZ1 passed test FrsEvent
          Starting test: DFSREvent
             There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
             replication problems may cause Group Policy problems.
             ......................... FERRAZ1 failed test DFSREvent
          Starting test: SysVolCheck
             ......................... FERRAZ1 passed test SysVolCheck
          Starting test: KccEvent
             A warning event occurred.  EventID: 0x80000B46
                Time Generated: 01/17/2017   10:55:49
                Event String:
                The security of this directory server can be significantly enhanced by configuring the server to reject SASL
     (Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple
    binds that are performed on a clear text (non-SSL/TLS-encrypted) connection.  Even if no clients are using such binds, c
    onfiguring the server to reject them will improve the security of this server.
             An error event occurred.  EventID: 0xC0000827
                Time Generated: 01/17/2017   10:56:30
                Event String:
                Active Directory Domain Services could not resolve the following DNS host name of the source domain controll
    er to an IP address. This error prevents additions, deletions and changes in Active Directory Domain Services from repli
    cating between one or more domain controllers in the forest. Security groups, group policy, users and computers and thei
    r passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon au
    thentication and access to network resources.
             A warning event occurred.  EventID: 0x8000082C
                Time Generated: 01/17/2017   10:56:50
                Event String:
             A warning event occurred.  EventID: 0x8000051C
                Time Generated: 01/17/2017   11:00:50
                Event String:
                The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the followin
    g directory service has consistently failed.
             ......................... FERRAZ1 failed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... FERRAZ1 passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             ......................... FERRAZ1 passed test MachineAccount
          Starting test: NCSecDesc
             ......................... FERRAZ1 passed test NCSecDesc
          Starting test: NetLogons
             Unable to connect to the NETLOGON share! (\\FERRAZ1\netlogon)
             [FERRAZ1] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
             ......................... FERRAZ1 failed test NetLogons
          Starting test: ObjectsReplicated
             ......................... FERRAZ1 passed test ObjectsReplicated
          Starting test: Replications
             [Replications Check,FERRAZ1] A recent replication attempt failed:
                From FERRAZ to FERRAZ1
                Naming Context: DC=ForestDnsZones,DC=FerrazServer,DC=local
                The replication generated an error (8524):
                The DSA operation is unable to proceed because of a DNS lookup failure.
                The failure occurred at 2017-01-17 10:57:03.
                The last success occurred at 2017-01-16 16:37:33.
                4 failures have occurred since the last success.
                The guid-based DNS name 27bf2809-fdae-4052-a70b-470d36ed9949._msdcs.FerrazServer.local
                is not registered on one or more DNS servers.
             [Replications Check,FERRAZ1] A recent replication attempt failed:
                From FERRAZ to FERRAZ1
                Naming Context: CN=Schema,CN=Configuration,DC=FerrazServer,DC=local
                The replication generated an error (8524):
                The DSA operation is unable to proceed because of a DNS lookup failure.
                The failure occurred at 2017-01-17 10:56:47.
                The last success occurred at 2017-01-16 16:37:33.
                4 failures have occurred since the last success.
                The guid-based DNS name 27bf2809-fdae-4052-a70b-470d36ed9949._msdcs.FerrazServer.local
                is not registered on one or more DNS servers.
             ......................... FERRAZ1 failed test Replications
          Starting test: RidManager
             ......................... FERRAZ1 passed test RidManager
          Starting test: Services
             ......................... FERRAZ1 passed test Services
          Starting test: SystemLog
             An error event occurred.  EventID: 0x00000029
                Time Generated: 01/17/2017   10:55:18
                Event String: Hypervisor launch failed; Either VMX not present or not enabled in BIOS.
             An error event occurred.  EventID: 0x0000007C
                Time Generated: 01/17/2017   10:55:18
                Event String:
                The Virtualization Based Security enablement policy check at phase 0 failed with status: The request is not
    supported.
             A warning event occurred.  EventID: 0x000000DB
                Time Generated: 01/17/2017   10:55:26
                Event String: The driver \Driver\vmbusr failed to load for the device ROOT\VMBus\0000.
             An error event occurred.  EventID: 0x00000062
                Time Generated: 01/17/2017   10:55:29
                Event String:
                Volume D: (\Device\HarddiskVolume1) needs to be taken offline to perform a Full Chkdsk.  Please run "CHKDSK
    /F" locally via the command line, or run "REPAIR-VOLUME <drive:>" locally or remotely via PowerShell.
             An error event occurred.  EventID: 0xC0040089
                Time Generated: 01/17/2017   10:55:29
                Event String:
                The default transaction resource manager on volume D: encountered a non-retryable error and could not start.
      The data contains the error code.
             An error event occurred.  EventID: 0x00000062
                Time Generated: 01/17/2017   10:55:29
                Event String:
                Volume \\?\Volume{a5a7f62f-0000-0000-0000-e0a2d1010000} (\Device\HarddiskVolume3) needs to be taken offline
    to perform a Full Chkdsk.  Please run "CHKDSK /F" locally via the command line, or run "REPAIR-VOLUME <drive:>" locally
    or remotely via PowerShell.
             A warning event occurred.  EventID: 0x000000DB
                Time Generated: 01/17/2017   10:55:42
                Event String:
                The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\{92800497-d20f-11e6-8bb2-806e6f6e6963
    }#0000000000008000.
             A warning event occurred.  EventID: 0x000727AA
                Time Generated: 01/17/2017   10:56:08
                Event String:
                The WinRM service failed to create the following SPNs: WSMAN/FERRAZ1.FerrazServer.local; WSMAN/FERRAZ1.
             A warning event occurred.  EventID: 0x00002724
                Time Generated: 01/17/2017   10:56:13
                Event String:
                This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you s
    hould use only static IPv6 addresses.
             An error event occurred.  EventID: 0x00000423
                Time Generated: 01/17/2017   10:56:19
                Event String: The DHCP service failed to see a directory server for authorization.
             An error event occurred.  EventID: 0x00000416
                Time Generated: 01/17/2017   10:56:19
                Event String:
                The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain FerrazServer.loca
    l, has determined that it is not authorized to start.  It has stopped servicing clients.  The following are some possibl
    e reasons for this:
             An error event occurred.  EventID: 0x00000423
                Time Generated: 01/17/2017   10:56:20
                Event String: The DHCP service failed to see a directory server for authorization.
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:20
                Event String:
                The dynamic registration of the DNS record 'FerrazServer.local. 600 IN A 192.168.0.21' failed on the followi
    ng DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:21
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.FerrazServer.local. 600 IN SRV 0 100 389 FERRAZ1.Ferr
    azServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:22
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.FerrazServer.local. 60
    0 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:23
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.pdc._msdcs.FerrazServer.local. 600 IN SRV 0 100 389 F
    ERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:24
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.gc._msdcs.FerrazServer.local. 600 IN SRV 0 100 3268 F
    ERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:25
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.FerrazServer
    .local. 600 IN SRV 0 100 3268 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:26
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.cc97914b-59dc-4baf-a537-5c0e75378f75.domains._msdcs.F
    errazServer.local. 600 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:27
                Event String:
                The dynamic registration of the DNS record 'gc._msdcs.FerrazServer.local. 600 IN A 192.168.0.21' failed on t
    he following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:28
                Event String:
                The dynamic registration of the DNS record '1b037bf4-2b19-447b-9b24-d4b604be524f._msdcs.FerrazServer.local.
    600 IN CNAME FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:29
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.dc._msdcs.FerrazServer.local. 600 IN SRV 0 100 389 FE
    RRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:31
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.FerrazServer
    .local. 600 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:32
                Event String:
                The dynamic registration of the DNS record '_gc._tcp.FerrazServer.local. 600 IN SRV 0 100 3268 FERRAZ1.Ferra
    zServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0xC0001B7E
                Time Generated: 01/17/2017   10:56:31
                Event String:
                The WseMgmtSvc service was unable to log on as FerrazServer.local\ServerAdmin1$ with the currently configure
    d password due to the following error:
             An error event occurred.  EventID: 0xC0001B77
                Time Generated: 01/17/2017   10:56:31
                Event String:
                The WseMgmtSvc service terminated unexpectedly.  It has done this 1 time(s).  The following corrective actio
    n will be taken in 60000 milliseconds: Restart the service.
             An error event occurred.  EventID: 0xC0001B58
                Time Generated: 01/17/2017   10:56:31
                Event String: The WseMgmtSvc service failed to start due to the following error:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:33
                Event String:
                The dynamic registration of the DNS record '_gc._tcp.Default-First-Site-Name._sites.FerrazServer.local. 600
    IN SRV 0 100 3268 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0xC0001B7A
                Time Generated: 01/17/2017   10:56:33
                Event String: The AtherosSvc service terminated unexpectedly.  It has done this 1 time(s).
             An error event occurred.  EventID: 0x00002720
                Time Generated: 01/17/2017   10:57:32
                Event String:
                The application-specific permission settings do not grant Local Activation permission for the COM Server app
    lication with CLSID
             An error event occurred.  EventID: 0x00000422
                Time Generated: 01/17/2017   11:01:11
                Event String:
                The processing of Group Policy failed. Windows attempted to read the file \\FerrazServer.local\sysvol\Ferraz
    Server.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Gr
    oup Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by
    one or more of the following:
             An error event occurred.  EventID: 0x00002720
                Time Generated: 01/17/2017   11:03:00
                Event String:
                The application-specific permission settings do not grant Local Activation permission for the COM Server app
    lication with CLSID
             An error event occurred.  EventID: 0x00000422
                Time Generated: 01/17/2017   11:06:11
                Event String:
                The processing of Group Policy failed. Windows attempted to read the file \\FerrazServer.local\sysvol\Ferraz
    Server.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Gr
    oup Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by
    one or more of the following:
             ......................... FERRAZ1 failed test SystemLog
          Starting test: VerifyReferences
             ......................... FERRAZ1 passed test VerifyReferences


       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation

       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation

       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation

       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation

       Running partition tests on : FerrazServer
          Starting test: CheckSDRefDom
             ......................... FerrazServer passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... FerrazServer passed test CrossRefValidation

       Running enterprise tests on : FerrazServer.local
          Starting test: LocatorCheck
             ......................... FerrazServer.local passed test LocatorCheck
          Starting test: Intersite
             ......................... FerrazServer.local passed test Intersite
    PS C:\Users\Administrator.FERRAZSERVER> repadmin /replsum
    Replication Summary Start Time: 2017-01-17 11:08:43

    Beginning data collection for replication summary, this may take awhile:
      .....


    Source DSA          largest delta    fails/total %%   error
     FERRAZ                18h:31m:10s    2 /   5   40  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.
     FERRAZ1           13d.07h:01m:23s    4 /   5   80  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.


    Destination DSA     largest delta    fails/total %%   error
     FERRAZ            13d.07h:01m:24s    4 /   5   80  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.
     FERRAZ1               18h:32m:35s    2 /   5   40  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.


    PS C:\Users\Administrator.FERRAZSERVER> netdom query fsmo
    Schema master               FERRAZ1.FerrazServer.local
    Domain naming master        FERRAZ1.FerrazServer.local
    PDC                         FERRAZ1.FerrazServer.local
    RID pool manager            FERRAZ1.FerrazServer.local
    Infrastructure master       FERRAZ1.FerrazServer.local
    The command completed successfully.


    Tuesday, January 17, 2017 12:35 AM
  • Hi Josh,

    First, I suggest you try to check who is holding FSMO roles by the three ways, which has been descripted in the article below.

    How to find out who has your FSMO Roles?

    https://blogs.technet.microsoft.com/mempson/2007/11/08/how-to-find-out-who-has-your-fsmo-roles/

    Did you open firewall on domain?

    If yes, please make sure that the AD DS required ports are open.

    For the port requirement for AD DS, please check the article below.

    Active Directory and Active Directory Domain Services Port Requirements

    https://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx

    In addition, I suggest you try to turn off firewall temporary to check if the problem persists.

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, January 17, 2017 11:33 AM
    Moderator
  • Hi Joshua

    Please check this Microsoft article if it helps..

    https://support.microsoft.com/en-in/kb/323542


    Regards

    Rajeev 
    Tuesday, January 17, 2017 11:50 AM
  • i use VMware workstation, instead of using a virtual hard disk, i use a physical disk for boot (a physical hard drive) whenever DC01 is on, DC02 runs through a VM. Whenever DC01 is off, i boot DC02 like a normal OS.

    What i mean is that DC02 is installed on my External WD Elements HDD and VMware Workstation uses that external drive as a boot drive. When DC01 is shut down, i boot DC02 from my boot selector in the BIOS.

    What i am trying to do is migrate AD completely over to DC01 and demote DC01.

    here are the results with DC01 on as well (Ran from DC02)

    DC01 is Ferraz.FerrazServer.local

    DC02 is Ferraz1.FerrazSerer.local

    Windows PowerShell
    Copyright (C) 2016 Microsoft Corporation. All rights reserved.

    PS C:\Users\Administrator.FERRAZSERVER> dcdiag

    Directory Server Diagnosis

    Performing initial setup:
       Trying to find home server...
       Home Server = FERRAZ1
       * Identified AD Forest.
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\FERRAZ1
          Starting test: Connectivity
             ......................... FERRAZ1 passed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\FERRAZ1
          Starting test: Advertising
             Warning: DsGetDcName returned information for \\Ferraz.FerrazServer.local, when we were trying to reach
             FERRAZ1.
             SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
             ......................... FERRAZ1 failed test Advertising
          Starting test: FrsEvent
             ......................... FERRAZ1 passed test FrsEvent
          Starting test: DFSREvent
             There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
             replication problems may cause Group Policy problems.
             ......................... FERRAZ1 failed test DFSREvent
          Starting test: SysVolCheck
             ......................... FERRAZ1 passed test SysVolCheck
          Starting test: KccEvent
             A warning event occurred.  EventID: 0x80000B46
                Time Generated: 01/17/2017   10:55:49
                Event String:
                The security of this directory server can be significantly enhanced by configuring the server to reject SASL
     (Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple
    binds that are performed on a clear text (non-SSL/TLS-encrypted) connection.  Even if no clients are using such binds, c
    onfiguring the server to reject them will improve the security of this server.
             An error event occurred.  EventID: 0xC0000827
                Time Generated: 01/17/2017   10:56:30
                Event String:
                Active Directory Domain Services could not resolve the following DNS host name of the source domain controll
    er to an IP address. This error prevents additions, deletions and changes in Active Directory Domain Services from repli
    cating between one or more domain controllers in the forest. Security groups, group policy, users and computers and thei
    r passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon au
    thentication and access to network resources.
             A warning event occurred.  EventID: 0x8000082C
                Time Generated: 01/17/2017   10:56:50
                Event String:
             A warning event occurred.  EventID: 0x8000051C
                Time Generated: 01/17/2017   11:00:50
                Event String:
                The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the followin
    g directory service has consistently failed.
             ......................... FERRAZ1 failed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... FERRAZ1 passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             ......................... FERRAZ1 passed test MachineAccount
          Starting test: NCSecDesc
             ......................... FERRAZ1 passed test NCSecDesc
          Starting test: NetLogons
             Unable to connect to the NETLOGON share! (\\FERRAZ1\netlogon)
             [FERRAZ1] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
             ......................... FERRAZ1 failed test NetLogons
          Starting test: ObjectsReplicated
             ......................... FERRAZ1 passed test ObjectsReplicated
          Starting test: Replications
             [Replications Check,FERRAZ1] A recent replication attempt failed:
                From FERRAZ to FERRAZ1
                Naming Context: DC=ForestDnsZones,DC=FerrazServer,DC=local
                The replication generated an error (8524):
                The DSA operation is unable to proceed because of a DNS lookup failure.
                The failure occurred at 2017-01-17 10:57:03.
                The last success occurred at 2017-01-16 16:37:33.
                4 failures have occurred since the last success.
                The guid-based DNS name 27bf2809-fdae-4052-a70b-470d36ed9949._msdcs.FerrazServer.local
                is not registered on one or more DNS servers.
             [Replications Check,FERRAZ1] A recent replication attempt failed:
                From FERRAZ to FERRAZ1
                Naming Context: CN=Schema,CN=Configuration,DC=FerrazServer,DC=local
                The replication generated an error (8524):
                The DSA operation is unable to proceed because of a DNS lookup failure.
                The failure occurred at 2017-01-17 10:56:47.
                The last success occurred at 2017-01-16 16:37:33.
                4 failures have occurred since the last success.
                The guid-based DNS name 27bf2809-fdae-4052-a70b-470d36ed9949._msdcs.FerrazServer.local
                is not registered on one or more DNS servers.
             ......................... FERRAZ1 failed test Replications
          Starting test: RidManager
             ......................... FERRAZ1 passed test RidManager
          Starting test: Services
             ......................... FERRAZ1 passed test Services
          Starting test: SystemLog
             An error event occurred.  EventID: 0x00000029
                Time Generated: 01/17/2017   10:55:18
                Event String: Hypervisor launch failed; Either VMX not present or not enabled in BIOS.
             An error event occurred.  EventID: 0x0000007C
                Time Generated: 01/17/2017   10:55:18
                Event String:
                The Virtualization Based Security enablement policy check at phase 0 failed with status: The request is not
    supported.
             A warning event occurred.  EventID: 0x000000DB
                Time Generated: 01/17/2017   10:55:26
                Event String: The driver \Driver\vmbusr failed to load for the device ROOT\VMBus\0000.
             An error event occurred.  EventID: 0x00000062
                Time Generated: 01/17/2017   10:55:29
                Event String:
                Volume D: (\Device\HarddiskVolume1) needs to be taken offline to perform a Full Chkdsk.  Please run "CHKDSK
    /F" locally via the command line, or run "REPAIR-VOLUME <drive:>" locally or remotely via PowerShell.
             An error event occurred.  EventID: 0xC0040089
                Time Generated: 01/17/2017   10:55:29
                Event String:
                The default transaction resource manager on volume D: encountered a non-retryable error and could not start.
      The data contains the error code.
             An error event occurred.  EventID: 0x00000062
                Time Generated: 01/17/2017   10:55:29
                Event String:
                Volume \\?\Volume{a5a7f62f-0000-0000-0000-e0a2d1010000} (\Device\HarddiskVolume3) needs to be taken offline
    to perform a Full Chkdsk.  Please run "CHKDSK /F" locally via the command line, or run "REPAIR-VOLUME <drive:>" locally
    or remotely via PowerShell.
             A warning event occurred.  EventID: 0x000000DB
                Time Generated: 01/17/2017   10:55:42
                Event String:
                The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\{92800497-d20f-11e6-8bb2-806e6f6e6963
    }#0000000000008000.
             A warning event occurred.  EventID: 0x000727AA
                Time Generated: 01/17/2017   10:56:08
                Event String:
                The WinRM service failed to create the following SPNs: WSMAN/FERRAZ1.FerrazServer.local; WSMAN/FERRAZ1.
             A warning event occurred.  EventID: 0x00002724
                Time Generated: 01/17/2017   10:56:13
                Event String:
                This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you s
    hould use only static IPv6 addresses.
             An error event occurred.  EventID: 0x00000423
                Time Generated: 01/17/2017   10:56:19
                Event String: The DHCP service failed to see a directory server for authorization.
             An error event occurred.  EventID: 0x00000416
                Time Generated: 01/17/2017   10:56:19
                Event String:
                The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain FerrazServer.loca
    l, has determined that it is not authorized to start.  It has stopped servicing clients.  The following are some possibl
    e reasons for this:
             An error event occurred.  EventID: 0x00000423
                Time Generated: 01/17/2017   10:56:20
                Event String: The DHCP service failed to see a directory server for authorization.
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:20
                Event String:
                The dynamic registration of the DNS record 'FerrazServer.local. 600 IN A 192.168.0.21' failed on the followi
    ng DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:21
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.FerrazServer.local. 600 IN SRV 0 100 389 FERRAZ1.Ferr
    azServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:22
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.FerrazServer.local. 60
    0 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:23
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.pdc._msdcs.FerrazServer.local. 600 IN SRV 0 100 389 F
    ERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:24
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.gc._msdcs.FerrazServer.local. 600 IN SRV 0 100 3268 F
    ERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:25
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.FerrazServer
    .local. 600 IN SRV 0 100 3268 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:26
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.cc97914b-59dc-4baf-a537-5c0e75378f75.domains._msdcs.F
    errazServer.local. 600 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:27
                Event String:
                The dynamic registration of the DNS record 'gc._msdcs.FerrazServer.local. 600 IN A 192.168.0.21' failed on t
    he following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:28
                Event String:
                The dynamic registration of the DNS record '1b037bf4-2b19-447b-9b24-d4b604be524f._msdcs.FerrazServer.local.
    600 IN CNAME FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:29
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.dc._msdcs.FerrazServer.local. 600 IN SRV 0 100 389 FE
    RRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:31
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.FerrazServer
    .local. 600 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:32
                Event String:
                The dynamic registration of the DNS record '_gc._tcp.FerrazServer.local. 600 IN SRV 0 100 3268 FERRAZ1.Ferra
    zServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0xC0001B7E
                Time Generated: 01/17/2017   10:56:31
                Event String:
                The WseMgmtSvc service was unable to log on as FerrazServer.local\ServerAdmin1$ with the currently configure
    d password due to the following error:
             An error event occurred.  EventID: 0xC0001B77
                Time Generated: 01/17/2017   10:56:31
                Event String:
                The WseMgmtSvc service terminated unexpectedly.  It has done this 1 time(s).  The following corrective actio
    n will be taken in 60000 milliseconds: Restart the service.
             An error event occurred.  EventID: 0xC0001B58
                Time Generated: 01/17/2017   10:56:31
                Event String: The WseMgmtSvc service failed to start due to the following error:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/17/2017   10:56:33
                Event String:
                The dynamic registration of the DNS record '_gc._tcp.Default-First-Site-Name._sites.FerrazServer.local. 600
    IN SRV 0 100 3268 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0xC0001B7A
                Time Generated: 01/17/2017   10:56:33
                Event String: The AtherosSvc service terminated unexpectedly.  It has done this 1 time(s).
             An error event occurred.  EventID: 0x00002720
                Time Generated: 01/17/2017   10:57:32
                Event String:
                The application-specific permission settings do not grant Local Activation permission for the COM Server app
    lication with CLSID
             An error event occurred.  EventID: 0x00000422
                Time Generated: 01/17/2017   11:01:11
                Event String:
                The processing of Group Policy failed. Windows attempted to read the file \\FerrazServer.local\sysvol\Ferraz
    Server.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Gr
    oup Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by
    one or more of the following:
             An error event occurred.  EventID: 0x00002720
                Time Generated: 01/17/2017   11:03:00
                Event String:
                The application-specific permission settings do not grant Local Activation permission for the COM Server app
    lication with CLSID
             An error event occurred.  EventID: 0x00000422
                Time Generated: 01/17/2017   11:06:11
                Event String:
                The processing of Group Policy failed. Windows attempted to read the file \\FerrazServer.local\sysvol\Ferraz
    Server.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Gr
    oup Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by
    one or more of the following:
             ......................... FERRAZ1 failed test SystemLog
          Starting test: VerifyReferences
             ......................... FERRAZ1 passed test VerifyReferences


       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation

       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation

       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation

       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation

       Running partition tests on : FerrazServer
          Starting test: CheckSDRefDom
             ......................... FerrazServer passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... FerrazServer passed test CrossRefValidation

       Running enterprise tests on : FerrazServer.local
          Starting test: LocatorCheck
             ......................... FerrazServer.local passed test LocatorCheck
          Starting test: Intersite
             ......................... FerrazServer.local passed test Intersite
    PS C:\Users\Administrator.FERRAZSERVER> repadmin /replsum
    Replication Summary Start Time: 2017-01-17 11:08:43

    Beginning data collection for replication summary, this may take awhile:
      .....


    Source DSA          largest delta    fails/total %%   error
     FERRAZ                18h:31m:10s    2 /   5   40  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.
     FERRAZ1           13d.07h:01m:23s    4 /   5   80  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.


    Destination DSA     largest delta    fails/total %%   error
     FERRAZ            13d.07h:01m:24s    4 /   5   80  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.
     FERRAZ1               18h:32m:35s    2 /   5   40  (8524) The DSA operation is unable to proceed because of a DNS looku
    p failure.


    PS C:\Users\Administrator.FERRAZSERVER> netdom query fsmo
    Schema master               FERRAZ1.FerrazServer.local
    Domain naming master        FERRAZ1.FerrazServer.local
    PDC                         FERRAZ1.FerrazServer.local
    RID pool manager            FERRAZ1.FerrazServer.local
    Infrastructure master       FERRAZ1.FerrazServer.local
    The command completed successfully.


    You should fix the port accessbility issue first,this is your main issue.

    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Tuesday, January 17, 2017 1:49 PM
  • Hi,

    Are there any updates?

    If the reply above has resolved your problem, please mark it as answer as it would be helpful to anyone who encounters the similar issue.

    Thank you.

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, January 23, 2017 6:21 AM
    Moderator
  • sorry, i haven't had time to test this and wont for a while. ill try in another 4-6 weeks because im busy.

    Kind Regards

    Josh

    Monday, January 23, 2017 9:51 AM
  • Hi,

    Look forward your good news.

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, January 23, 2017 1:41 PM
    Moderator
  • Once I read through your configuration, I think you have a bigger issue.

    You are running all this in an entirely unsupported configuration. In general without going into the full details, domain controllers expect to be able to communicate with each other for replication. If they cannot correctly replicate for a certain time period, then they never will correctly replicate again. Because you have different domain controllers running at different times, I think that replication and trust may have broken.

    In my opinion, the think to do at this point would be to leave them both running for up to 24 hours, force replication bi-directionally and then check the event logs for replication related errors.

    Monday, January 23, 2017 8:14 PM
  • hows this:

    Ran from DC02, with DC01 on as well

    Windows PowerShell
    Copyright (C) 2016 Microsoft Corporation. All rights reserved.

    PS C:\Users\Administrator.FERRAZSERVER> dcdiag

    Directory Server Diagnosis

    Performing initial setup:
       Trying to find home server...
       Home Server = FERRAZ1
       * Identified AD Forest.
       Done gathering initial info.

    Doing initial required tests

       Testing server: Default-First-Site-Name\FERRAZ1
          Starting test: Connectivity
             ......................... FERRAZ1 passed test Connectivity

    Doing primary tests

       Testing server: Default-First-Site-Name\FERRAZ1
          Starting test: Advertising
             Warning: DsGetDcName returned information for \\Ferraz.FerrazServer.local, when we were trying to reach
             FERRAZ1.
             SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
             ......................... FERRAZ1 failed test Advertising
          Starting test: FrsEvent
             ......................... FERRAZ1 passed test FrsEvent
          Starting test: DFSREvent
             There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
             replication problems may cause Group Policy problems.
             ......................... FERRAZ1 failed test DFSREvent
          Starting test: SysVolCheck
             ......................... FERRAZ1 passed test SysVolCheck
          Starting test: KccEvent
             ......................... FERRAZ1 passed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... FERRAZ1 passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             ......................... FERRAZ1 passed test MachineAccount
          Starting test: NCSecDesc
             ......................... FERRAZ1 passed test NCSecDesc
          Starting test: NetLogons
             Unable to connect to the NETLOGON share! (\\FERRAZ1\netlogon)
             [FERRAZ1] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
             ......................... FERRAZ1 failed test NetLogons
          Starting test: ObjectsReplicated
             ......................... FERRAZ1 passed test ObjectsReplicated
          Starting test: Replications
             ......................... FERRAZ1 passed test Replications
          Starting test: RidManager
             ......................... FERRAZ1 passed test RidManager
          Starting test: Services
             ......................... FERRAZ1 passed test Services
          Starting test: SystemLog
             A warning event occurred.  EventID: 0x000727AA
                Time Generated: 01/28/2017   11:47:56
                Event String:
                The WinRM service failed to create the following SPNs: WSMAN/FERRAZ1.FerrazServer.local; WSMAN/FERRAZ1.
             A warning event occurred.  EventID: 0x00002724
                Time Generated: 01/28/2017   11:48:03
                Event String:
                This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you s
    hould use only static IPv6 addresses.
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:06
                Event String:
                The dynamic registration of the DNS record 'FerrazServer.local. 600 IN A 192.168.0.21' failed on the followi
    ng DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:07
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.FerrazServer.local. 600 IN SRV 0 100 389 FERRAZ1.Ferr
    azServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x00000423
                Time Generated: 01/28/2017   11:48:08
                Event String: The DHCP service failed to see a directory server for authorization.
             An error event occurred.  EventID: 0x00000416
                Time Generated: 01/28/2017   11:48:08
                Event String:
                The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain FerrazServer.loca
    l, has determined that it is not authorized to start.  It has stopped servicing clients.  The following are some possibl
    e reasons for this:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:08
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.FerrazServer.local. 60
    0 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:09
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.pdc._msdcs.FerrazServer.local. 600 IN SRV 0 100 389 F
    ERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0xC0001B61
                Time Generated: 01/28/2017   11:48:09
                Event String: A timeout was reached (30000 milliseconds) while waiting for the ADWS service to connect.
             An error event occurred.  EventID: 0xC0001B58
                Time Generated: 01/28/2017   11:48:09
                Event String: The ADWS service failed to start due to the following error:
             An error event occurred.  EventID: 0x00000423
                Time Generated: 01/28/2017   11:48:10
                Event String: The DHCP service failed to see a directory server for authorization.
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:10
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.gc._msdcs.FerrazServer.local. 600 IN SRV 0 100 3268 F
    ERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:11
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.FerrazServer
    .local. 600 IN SRV 0 100 3268 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:12
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.cc97914b-59dc-4baf-a537-5c0e75378f75.domains._msdcs.F
    errazServer.local. 600 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:13
                Event String:
                The dynamic registration of the DNS record 'gc._msdcs.FerrazServer.local. 600 IN A 192.168.0.21' failed on t
    he following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:14
                Event String:
                The dynamic registration of the DNS record '1b037bf4-2b19-447b-9b24-d4b604be524f._msdcs.FerrazServer.local.
    600 IN CNAME FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:15
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.dc._msdcs.FerrazServer.local. 600 IN SRV 0 100 389 FE
    RRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:16
                Event String:
                The dynamic registration of the DNS record '_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.FerrazServer
    .local. 600 IN SRV 0 100 389 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0xC0001B7E
                Time Generated: 01/28/2017   11:48:16
                Event String:
                The WseMgmtSvc service was unable to log on as FerrazServer.local\ServerAdmin1$ with the currently configure
    d password due to the following error:
             An error event occurred.  EventID: 0xC0001B77
                Time Generated: 01/28/2017   11:48:16
                Event String:
                The WseMgmtSvc service terminated unexpectedly.  It has done this 1 time(s).  The following corrective actio
    n will be taken in 60000 milliseconds: Restart the service.
             An error event occurred.  EventID: 0xC0001B58
                Time Generated: 01/28/2017   11:48:16
                Event String: The WseMgmtSvc service failed to start due to the following error:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:17
                Event String:
                The dynamic registration of the DNS record '_gc._tcp.FerrazServer.local. 600 IN SRV 0 100 3268 FERRAZ1.Ferra
    zServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0x0000168E
                Time Generated: 01/28/2017   11:48:18
                Event String:
                The dynamic registration of the DNS record '_gc._tcp.Default-First-Site-Name._sites.FerrazServer.local. 600
    IN SRV 0 100 3268 FERRAZ1.FerrazServer.local.' failed on the following DNS server:
             An error event occurred.  EventID: 0xC0001B7A
                Time Generated: 01/28/2017   11:48:18
                Event String: The AtherosSvc service terminated unexpectedly.  It has done this 1 time(s).
             An error event occurred.  EventID: 0x00002720
                Time Generated: 01/28/2017   11:49:17
                Event String:
                The application-specific permission settings do not grant Local Activation permission for the COM Server app
    lication with CLSID
             An error event occurred.  EventID: 0x00002720
                Time Generated: 01/28/2017   11:51:32
                Event String:
                The application-specific permission settings do not grant Local Activation permission for the COM Server app
    lication with CLSID
             An error event occurred.  EventID: 0xC0001B6F
                Time Generated: 01/28/2017   11:57:31
                EvtFormatMessage failed (second call), error 15030 The description string for parameter reference (%1) could
     not be found..
                (Event String (event log = System) could not be retrieved, error 0x3ab6)
             An error event occurred.  EventID: 0xC0001B6F
                Time Generated: 01/28/2017   12:02:31
                EvtFormatMessage failed (second call), error 15030 The description string for parameter reference (%1) could
     not be found..
                (Event String (event log = System) could not be retrieved, error 0x3ab6)
             An error event occurred.  EventID: 0xC0001B6F
                Time Generated: 01/28/2017   12:02:31
                EvtFormatMessage failed (second call), error 15030 The description string for parameter reference (%1) could
     not be found..
                (Event String (event log = System) could not be retrieved, error 0x3ab6)
             An error event occurred.  EventID: 0xC0001B6F
                Time Generated: 01/28/2017   12:02:31
                EvtFormatMessage failed (second call), error 15030 The description string for parameter reference (%1) could
     not be found..
                (Event String (event log = System) could not be retrieved, error 0x3ab6)
             A warning event occurred.  EventID: 0x00001796
                Time Generated: 01/28/2017   12:04:17
                Event String:
                Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and t
    his server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
             ......................... FERRAZ1 failed test SystemLog
          Starting test: VerifyReferences
             ......................... FERRAZ1 passed test VerifyReferences


       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation

       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation

       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation

       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation

       Running partition tests on : FerrazServer
          Starting test: CheckSDRefDom
             ......................... FerrazServer passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... FerrazServer passed test CrossRefValidation

       Running enterprise tests on : FerrazServer.local
          Starting test: LocatorCheck
             ......................... FerrazServer.local passed test LocatorCheck
          Starting test: Intersite
             ......................... FerrazServer.local passed test Intersite
    PS C:\Users\Administrator.FERRAZSERVER> repadmin /replsum
    Replication Summary Start Time: 2017-01-28 12:48:45

    Beginning data collection for replication summary, this may take awhile:
      .....


    Source DSA          largest delta    fails/total %%   error
     FERRAZ                    01m:10s    0 /   5    0
     FERRAZ1                   54m:44s    0 /   5    0


    Destination DSA     largest delta    fails/total %%   error
     FERRAZ                    54m:44s    0 /   5    0
     FERRAZ1                   01m:10s    0 /   5    0


    PS C:\Users\Administrator.FERRAZSERVER> netdom query fsmo
    Schema master               FERRAZ1.FerrazServer.local
    Domain naming master        FERRAZ1.FerrazServer.local
    PDC                         FERRAZ1.FerrazServer.local
    RID pool manager            FERRAZ1.FerrazServer.local
    Infrastructure master       FERRAZ1.FerrazServer.local
    The command completed successfully.

    PS C:\Users\Administrator.FERRAZSERVER>

    Also, i want to demote DC01 when DC02 works independently. 

    Saturday, January 28, 2017 2:53 AM
  • Thanks for everything, unfortunately nothing succeeded so in the end, i stood up a new domain wiping the old one. 
    • Marked as answer by Joshua Ferraz Sunday, February 5, 2017 5:36 AM
    Sunday, February 5, 2017 5:36 AM