Domain Controller connectivity issues.

I am having problems with my Domain Controller that also hosts all the roles in the domain.

Running a DCDIAG gives me this

Performing initial setup:
   Trying to find home server...
   Home Server = xxxxx
   [xxxxx] Directory Binding Error 1722:
   Win32 Error 1722
   This may limit some of the tests that can be performed.
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\xxxxx
      Starting test: Connectivity
         [xxxxx] DsBindWithSpnEx() failed with error 1722,
         Win32 Error 1722.
         ......................... xxxxx failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\xxxxx
      Skipping all tests, because server xxxxx  is not responding to
      directory service requests.

So i restarted DNS, still the same problem. I have ran a ping to my other DC and all 1MS response and 0 dropped packets.

Under the network and sharing center i can see the diagram that says the server has no connection to the domain or internet, but i can browse the web.

The RPC service is running. If i look at the Operation Masters on this machine, it shows them all correctly. If i do it on my other domain controller it says "Error" under all the roles.

dcdiag /e returns this

Warning: xxxx is the Schema Owner, but is not responding to DS
RPC Bind.
Warning: xxxx  is the Domain Owner, but is not responding to DS
RPC Bind.
Warning: xxxx  is the PDC Owner, but is not responding to DS RPC
Bind.
Warning: xxxx  is the Rid Owner, but is not responding to DS RPC
Bind.
Warning: xxxx  is the Infrastructure Update Owner, but is not
responding to DS RPC Bind.

I have ran DCDIAG /TEST:DNS /V /E /F:<filename.log> and attached it xxxx is the faulty DC and ZZZZ is the other DC.

NLTEST /DSGETDC:domain.local returns no errors.

Any ideas what could be causing this? I am considering seizing the roles on my other DC and then demoting / promoting the server again but thought i would see what ideas people had here.

Both DC's are 2008 with DNS trouble machine has DHCP which is working.
logs.txt
LVL 6
CaptainGibletsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gurutcCommented:
It looks like the TCPIP stack is having issues.  You can fix away at this Server, but seizing the roles on the other one, demoting and promoting may give you the cleanest and least corrupt final product.  

- gurutc
0
Miguel Angel Perez MuñozCommented:
I think some on the network is not working fine.

Both DC are on same subnet? in case not, check communication between them
Faulty DC has corrected IP address? check
Have you try reboot faulty DC?
Ensure network (cables, ethernet ports, etc) is fine.

In case this DC can not be recovered, only way is:

Seize roles on working DC> http://technet.microsoft.com/es-es/library/cc816779(v=ws.10).aspx
Dcpromo -forceremoval on faulty DC
Metadata cleanup> http://technet.microsoft.com/es-es/library/cc816907(v=ws.10).aspx
Format and reinstall affected DC.
0
SreRajCommented:
Hi,

Please verify that networking components like Client for Microsoft Networks, Files and Printer Sharing for Microsoft Networks and Internet Protocol Version 4 are intact. If they are in corrupted state, then you could repair them using the following link.

http://support.microsoft.com/kb/299357

Please check the DC is having statically assigned IP Address and DNS Hostname registered for this DC is resolving to correct IP Address.

Verify that DNS SRV records exists for this DC in DNS. Following article has information regarding SRV records required for a DC.

http://support.microsoft.com/kb/816587
0
MaheshArchitectCommented:
before going to role seizure just try below.

On the affected DC
1.Stop the Kerberos Key Distribution Center service, and then set the startup value to Manual.
2.Run below command:
netdom resetpwd /server:another domain controller /userd:domain\administrator /passwordd:administrator password

Make sure that the netdom command is returned as completed successfully. If it is not, the command did not work. For the domain Contoso, where the affected domain controller is DC1, and a working domain controller is DC2, you run the following netdom command from the console of DC1:

netdom resetpwd /server:DC2 /userd:contoso\administrator /passwordd:administrator password
3.Restart the affected domain controller.
4.Start the Kerberos Key Distribution Center service, and then set the startup setting to Automatic.

Now check if your DC is functioning properly
Original Source:
http://support.microsoft.com/kb/837513

Mahesh
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.