none
Verification of replica failed. Active directory domain controller for the domain XYZ could not be contacted. Ensure that you supplied the correct DNS domain name

    Question

  • I am getting following error while I was trying to add secondary AD server to my domain:

    "Verification of replica failed. Active directory domain controller for the domain XYZ could not be contacted. Ensure that you supplied the correct DNS domain name"

    What I already tried:

    ipconfig /resgisterdns and ipconfig /flushdns on both old Primary Active Directory DNS server 2008 and brand new 2012 server (Clean install of AD DS, to which I am configuring)

    adprep of forest and domain on server 2008

    resolved all connection issues and 2008 is pinging properly

    Firewalls off on both 2008 and 2012

    tried disabling IPv6

    Started all Computer Browser related services and are set to automatic

    Time settings

    I can nslookup from both servers easily and IP seems to be correct

    DNS server (2008) has only one itself's IP in primary DNS server

    DNS has records in domain name (In DNS manager) and Dynamic Updates, click secure only.

    net stop "net logon" 

    net start "net logon"

    -----

    What was the reason to update to 2012?

    ---> My old secondary 2008 DNS server had BSOD because its Active directory was broken

    ----> I already followed steps given at http://www.petri.co.il/delete_failed_dcs_from_ad.htm to delete that server. which is now deleted

    Saturday, July 06, 2013 7:08 AM

Answers

All replies

  • Hello,

    please post the following output here:

    "ipconfig /all" from the existing DC/DNS server and the new server.

    "netdom query fsmo" from the existing DC

    Does the existing DC have the forward lookup zones:

    "msdcs_forest.com" and "msdcs_" listed where the first one contains the existing machines and also have the folder structure for DNS and all records listed for the existing DC/DNS server and an A record for the new machine(please post a screenshot)?


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Sunday, July 07, 2013 5:39 PM
  • checkout the DCPROMO.LOG file in C:\Windows\Debug

    what is it saying?


    Jorge de Almeida Pinto [MVP-DS] | Principal Consultant | BLOG: http://jorgequestforknowledge.wordpress.com/

    Sunday, July 07, 2013 9:18 PM
    Moderator
  • There can be multiple reason like your security software being the one of the cause, high latency in the network, fault in the cable/port etc which is blocking. I would also be interested to see the information requested by Meinolf to get the better picture.

    Active Directory Replication Status Tool Released

    Troubleshooting AD replications.

    http://social.technet.microsoft.com/wiki/contents/articles/2285.aspx

    http://technet.microsoft.com/en-us/library/cc949120%28v=ws.10%29.aspx


    Awinish Vishwakarma - MVP

    My Blog: awinish.wordpress.com

    Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Monday, July 08, 2013 2:53 AM
    Moderator
  • Hi,

    Any updates?

    Please feel free to let us know if you need further assistance.

    Regards.

    If you have any feedback on our support, please click here


    Vivian Wang
    TechNet Community Support

    Wednesday, July 10, 2013 6:08 AM
    Moderator