Event Details

Product: Windows Operating System
Event ID: 1202
Source: DFSR
Version: Windows Server 2008 R2, Windows Server 2008, Windows Server 2003 R2
Message: Service could not contact domain controller to access configuration objects


The DFS Replication service failed to contact a domain controller to access configuration information. The service will try again during the next configuration polling cycle. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.


DFS Replication failed to contact a domain controller to retrieve configuration information. If replication was working previously, the service will use cached configuration stored locally but will not respond to any configuration changes until the issue is resolved.
This issue can be caused by the following factors:

  • Basic network connectivity issues
  • Firewall settings
  • Active Directory Domain Services (AD DS) issues


Test basic network connectivity

To test network connectivity with the affected server, use the following procedure:

  1. Open a command prompt window and then use the ping command to check basic network connectivity.
    If the ping command fails, it is likely that the server is not running, or has network problems that require local access to resolve. If ping is blocked in your network environment, skip this step.
  2. If the ping command is successful, test the server’s registration in DNS by using the nslookup command.
    If the nslookup command fails, there is a problem with DNS. Check the DNS server health or contact the DNS server administrator.
  3. If the nslookup command succeeds, DNS is working properly.

Note: For more information about troubleshooting network issues, see article 325487 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?linkid=46059).

Check Firewall settings

If a firewall has been configured between replication partners, ensure that it is not blocking RPC communication. DFS Replication depends on RPC for communication. DFS Replication uses the RPC Endpoint Mapper (port 135) and a randomly assigned dynamic port in the range of 49152 through 65535 for Windows Server 2008 R2 and Windows Server 2008, or in the range of 1025 through 5000 for Windows Server 2003 R2.

You can use the Dfsrdiag command-line tool to specify a static port instead of the dynamic port. For more information about how to specify the RPC Endpoint Mapper, see article 154596 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=73991). For more information about dynamic port usage in Windows Server 2008, see article 929851 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=187092).


To test DFS Replication’s ability to communicate with AD DS, open a command prompt window and then type the following command: Dfsrdiag pollad /verbose. The command should report Operation Succeeded. If not, there is a problem communicating with AD DS.

See Also