I have a Windows 2003 domain, where the main DC is a Windows 2003 server, but all the other DCs are 2000. All of the FSMO roles are on the 2003 server and each of the 2000 servers is a GC.
Recently I noticed that one of the 2000 servers is not replicating AD. Many user records that have been disabled or deleted or moved to different containers are still active on the 2000 server.
When I look at the event log, there are many errors, including a "Knowledge Consistency" error, event ID 1265, that shows access denied.
When I run DC Diag I get an LDAP bind failure where the 2003 server is identified as the Schema Owner, Domain Owner, PDC Owner, Rid Owner, etc., but all of them give "not responding to LDAP and DS RPC bind" messages.
Is this a DNS issue? If so, should I remove DNS and reinstall it? If so, what are the steps to remove DNS? Do I simply delete the forward and reverse zones and rebuild, or do I uninstall DNS, reinstall it, and then recreate the zones?