Domain Controller not functioning properly.

Dear Experts,

I having an issue in logon to domain from domain servers. I couldnt logon to domain member when my additional domain controller was on power off, even the PDC (where fsmo roles are currenlty running) is online. Came up with error logon servers not available. Even another additonal domain controllers recently created also couldnt logon to itself. Once after putup online earlier ADC logon is possible. Yesterday only i noticed that, when i tried to move ADC virtual machine to another Hyper-v host.

One more my previous action who like to explain here.. Earlier PDC was a baremetal server recently changed to Virtual server and transferred all roles to the current PDC (currently Virtual) since before itself the ADC was virtual and still virtual.

What will be the issue, why domain is pointed to ADC still when PDC with all fsmo roles are online.? help me to rectify.

Thanks
Shamil



First run DCDIAG on the new domain controller to see if it's in a healthy state. This could be anything from replication not working to DNS issues.



First run DCDIAG on the new domain controller to see if it's in a healthy state. This could be anything from replication not working to DNS issues.



Ok. I will get to you with result.



here am pasting dcdiag result.. please have a look.



Directory Server Diagnosis


Performing initial setup:
Trying to find home server...

Home Server = dc01

* Identified AD Forest.
Done gathering initial info.


Doing initial required tests


Testing server: Default-First-Site-NameDC01

Starting test: Connectivity

......................... DC01 passed test Connectivity



Doing primary tests


Testing server: Default-First-Site-NameDC01

Starting test: Advertising

Warning: DsGetDcName returned information for \adcsvr.hgpt.my, when

we were trying to reach DC01.

SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.

......................... DC01 failed test Advertising

Starting test: FrsEvent

......................... DC01 passed test FrsEvent

Starting test: DFSREvent

......................... DC01 passed test DFSREvent

Starting test: SysVolCheck

......................... DC01 passed test SysVolCheck

Starting test: KccEvent

......................... DC01 passed test KccEvent

Starting test: KnowsOfRoleHolders

......................... DC01 passed test KnowsOfRoleHolders

Starting test: MachineAccount

......................... DC01 passed test MachineAccount

Starting test: NCSecDesc

......................... DC01 passed test NCSecDesc

Starting test: NetLogons

Unable to connect to the NETLOGON share! (\DC01netlogon)

[DC01] An net use or LsaPolicy operation failed with error 67,

The network name cannot be found..

......................... DC01 failed test NetLogons

Starting test: ObjectsReplicated

......................... DC01 passed test ObjectsReplicated

Starting test: Replications

......................... DC01 passed test Replications

Starting test: RidManager

......................... DC01 passed test RidManager

Starting test: Services

......................... DC01 passed test Services

Starting test: SystemLog

......................... DC01 failed test SystemLog

Starting test: VerifyReferences

......................... DC01 passed test VerifyReferences



Running partition tests on : ForestDnsZones

Starting test: CheckSDRefDom

......................... ForestDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... ForestDnsZones passed test

CrossRefValidation


Running partition tests on : DomainDnsZones

Starting test: CheckSDRefDom

......................... DomainDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... DomainDnsZones passed test

CrossRefValidation


Running partition tests on : Schema

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation


Running partition tests on : Configuration

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Configuration passed test CrossRefValidation


Running partition tests on : hgpt

Starting test: CheckSDRefDom

......................... hgpt passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... hgpt passed test CrossRefValidation


Running enterprise tests on : hgpt.my

Starting test: LocatorCheck

......................... hgpt.my passed test LocatorCheck

Starting test: Intersite

......................... hgpt.my passed test Intersite



This DC is not sharing out SYSVOL and is not advertising as a DC. It is likely it will not be used by clients when trying to discover a domain controller. Hence, the reason why clients default to the other DC. Basically, you'll need to dig into the directory service event logs to find out why it's not working. Or, since it's not working anyway consider demoting / repromoting the DC role.



OK i will try to repromote one of my addtional domain controller.. And will update you. But still another 2 more addtional dc to rectify same issue.

Share this

Related Posts

There was an error in this gadget