sshilha
asked on
Server 2012 Active Directory Error
I have a single server setup that I installed the active directory role on then promoted to a domain controller. This server was a domain controller at one time, but was demoted because it no longer needed that functionality. After the promotion I was able to log into the server but when trying to get into any Active Directory function I am getting an error that either the Domain doesn't exist or that it is unreachable. I am also unable to see the SYSVOL and NETLOGIN directories when running a NET SHARE. All posts that I have read point to a DNS issue, but I have had very little luck finding anything wrong with DNS. Could there be issues because this server was once a DC and demoted and now I am using it as a DC again?
Hypercat (Deb)
Assuming DNS is installed on this server (it must be to function correctly), is it set to use itself as the primary DNS server? Can you ping other DC's on the domain? Again, assuming the DNS zone is AD-integrated, is it replicating properly to this server? When you check your DNS zone on another DC, do you see this server listed as a domain controller?
Run dcdiag on this server and post your results.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This is the only server and DC that is on the network. It was demoted prior to being put into production since I would not be using that functionality...this is a very small environment with only three computers in the company. It is running Server 2012 essentials and recently I became aware that you have to run 2012 as a domain controller or it will shut down every week. In an attempt to fix the issue I reinstalled Active Directory and promoted the server to domain controller. Then my issues started as it is not seeing the server as a domain controller. It is set to use itself as DNS with a secondary DNS of the loopback address.
Demoting 2012 essentials causes irreversible damage. You must format and reinstall.
ASKER
Is there any way around the licensing service shutting the server down every week?
ASKER
Here are the results of the dcdiag...
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = PD-PDC-Server
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\PD
Starting test: Connectivity
......................... PD-PDC-SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\PD
Starting test: Advertising
Fatal Error:DsGetDcName (PD-PDC-SERVER) call failed, error 1355
The Locator could not find the server.
......................... PD-PDC-SERVER failed test Advertising
Starting test: FrsEvent
......................... PD-PDC-SERVER passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... PD-PDC-SERVER failed test DFSREvent
Starting test: SysVolCheck
......................... PD-PDC-SERVER passed test SysVolCheck
Starting test: KccEvent
......................... PD-PDC-SERVER passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... PD-PDC-SERVER passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... PD-PDC-SERVER passed test MachineAccount
Starting test: NCSecDesc
......................... PD-PDC-SERVER passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\PD-PDC-SERVER\netlogon)
[PD-PDC-SERVER] An net use or LsaPolicy operation failed with error
67, The network name cannot be found..
......................... PD-PDC-SERVER failed test NetLogons
Starting test: ObjectsReplicated
......................... PD-PDC-SERVER passed test ObjectsReplicated
Starting test: Replications
......................... PD-PDC-SERVER passed test Replications
Starting test: RidManager
......................... PD-PDC-SERVER passed test RidManager
Starting test: Services
......................... PD-PDC-SERVER passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0xC00038D6
Time Generated: 05/04/2015 16:57:00
Event String:
The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.
......................... PD-PDC-SERVER failed test SystemLog
Starting test: VerifyReferences
......................... PD-PDC-SERVER passed test VerifyReferences
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : PropaneDepot
Starting test: CheckSDRefDom
......................... PropaneDepot passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... PropaneDepot passed test CrossRefValidation
Running enterprise tests on : PropaneDepot.com
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... PropaneDepot.com failed test LocatorCheck
Starting test: Intersite
......................... PropaneDepot.com passed test Intersite
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = PD-PDC-Server
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\PD
Starting test: Connectivity
......................... PD-PDC-SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\PD
Starting test: Advertising
Fatal Error:DsGetDcName (PD-PDC-SERVER) call failed, error 1355
The Locator could not find the server.
......................... PD-PDC-SERVER failed test Advertising
Starting test: FrsEvent
......................... PD-PDC-SERVER passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... PD-PDC-SERVER failed test DFSREvent
Starting test: SysVolCheck
......................... PD-PDC-SERVER passed test SysVolCheck
Starting test: KccEvent
......................... PD-PDC-SERVER passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... PD-PDC-SERVER passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... PD-PDC-SERVER passed test MachineAccount
Starting test: NCSecDesc
......................... PD-PDC-SERVER passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\PD-PDC-SERVER\netlogon)
[PD-PDC-SERVER] An net use or LsaPolicy operation failed with error
67, The network name cannot be found..
......................... PD-PDC-SERVER failed test NetLogons
Starting test: ObjectsReplicated
......................... PD-PDC-SERVER passed test ObjectsReplicated
Starting test: Replications
......................... PD-PDC-SERVER passed test Replications
Starting test: RidManager
......................... PD-PDC-SERVER passed test RidManager
Starting test: Services
......................... PD-PDC-SERVER passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0xC00038D6
Time Generated: 05/04/2015 16:57:00
Event String:
The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.
......................... PD-PDC-SERVER failed test SystemLog
Starting test: VerifyReferences
......................... PD-PDC-SERVER passed test VerifyReferences
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : PropaneDepot
Starting test: CheckSDRefDom
......................... PropaneDepot passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... PropaneDepot passed test CrossRefValidation
Running enterprise tests on : PropaneDepot.com
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... PropaneDepot.com failed test LocatorCheck
Starting test: Intersite
......................... PropaneDepot.com passed test Intersite
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.