The specified domain controller either does not exist or could not be contacted
Hello,
I have an AD domain running 2 DC's... one local DC running Server 2008 R2, the other DC is in the AWS cloud with a site to site VPN tunnel established running Server 2012.
When I attempt to open Group Policy Management on either DC, I am presented with the following error: The specified domain controller could not be contacted. I have attached a screenshot of the exact error.
I am running a single domain with 2 DNS forward lookup zones.. _msdcs.domain.local and domain.local
I have logged in to every server in the domain and verified that the DNS settings are set correctly for each machine.
I can ping the dc's back and forth from various machines by IP and DNS name.
I'm not too sure where my problem lies, a DNS issue or a group policy issue.
We used to have two DC's on site here, but I moved one DC to the AWS cloud and decommissioned the old local one once the migration was complete, leaving one DC here on site. This problem seemed to pop up after that was done. This was done over a month or two ago though and users have been able to log off and on the domain just fine and replication seems to be working as well.
My dcdiag output is below... any help would be greatly appreciated.
C:\Windows\System32>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = C-DC01
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: AmazonAWS\C-DC01
Starting test: Connectivity
......................... C-DC01 passed test Connectivity
Doing primary tests
Testing server: AmazonAWS\C-DC01
Starting test: Advertising
Warning: C-DC01 is not advertising as a time server.
......................... C-DC01 failed test Advertising
Starting test: FrsEvent
......................... C-DC01 passed test FrsEvent
Starting test: DFSREvent
......................... C-DC01 passed test DFSREvent
Starting test: SysVolCheck
......................... C-DC01 passed test SysVolCheck
Starting test: KccEvent
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
......................... C-DC01 failed test KccEvent
Starting test: KnowsOfRoleHolders
[DC01] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
Warning: DC01 is the Schema Owner, but is not responding to DS RPC
Bind.
Ldap search capability attribute search failed on server DC01, return
value = 81
Warning: DC01 is the Schema Owner, but is not responding to LDAP Bind.
Warning: DC01 is the Domain Owner, but is not responding to DS RPC
Bind.
Warning: DC01 is the Domain Owner, but is not responding to LDAP Bind.
Warning: DC01 is the PDC Owner, but is not responding to DS RPC Bind.
Warning: DC01 is the PDC Owner, but is not responding to LDAP Bind.
Warning: DC01 is the Rid Owner, but is not responding to DS RPC Bind.
Warning: DC01 is the Rid Owner, but is not responding to LDAP Bind.
Warning: DC01 is the Infrastructure Update Owner, but is not
responding to DS RPC Bind.
Warning: DC01 is the Infrastructure Update Owner, but is not
responding to LDAP Bind.
......................... C-DC01 failed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... C-DC01 passed test MachineAccount
Starting test: NCSecDesc
......................... C-DC01 passed test NCSecDesc
Starting test: NetLogons
......................... C-DC01 passed test NetLogons
Starting test: ObjectsReplicated
......................... C-DC01 passed test ObjectsReplicated
Starting test: Replications
REPLICATION-RECEIVED LATENCY WARNING
C-DC01: Current time is 2017-01-19 00:12:12.
DC=DomainDnsZones,DC=abr,D
Last replication received from DC01 at
2016-12-13 11:35:47
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
DC=ForestDnsZones,DC=abr,D
Last replication received from DC01 at
2016-12-13 10:48:53
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
CN=Schema,CN=Configuration
Last replication received from DC01 at
2016-12-13 10:48:53
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
CN=Configuration,DC=abr,DC
Last replication received from DC01 at
2016-12-13 11:40:12
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
DC=abr,DC=local
Last replication received from DC01 at
2016-12-13 11:45:45
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
......................... C-DC01 passed test Replications
Starting test: RidManager
......................... C-DC01 failed test RidManager
Starting test: Services
......................... C-DC01 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x00000081
Time Generated: 01/18/2017 23:27:53
Event String:
NtpClient was unable to set a domain peer to use as a time source be
cause of discovery error. NtpClient will try again in 15 minutes and double the
reattempt interval thereafter. The error was: The entry is not found. (0x800706E
1)
A warning event occurred. EventID: 0x00000C18
Time Generated: 01/18/2017 23:54:27
Event String:
The primary Domain Controller for this domain could not be located.
......................... C-DC01 failed test SystemLog
Starting test: VerifyReferences
......................... C-DC01 passed test VerifyReferences
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : abr
Starting test: CheckSDRefDom
......................... abr passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... abr passed test CrossRefValidation
Running enterprise tests on : abr.local
Starting test: LocatorCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... abr.local failed test LocatorCheck
Starting test: Intersite
......................... abr.local passed test Intersite
error.PNG
I have an AD domain running 2 DC's... one local DC running Server 2008 R2, the other DC is in the AWS cloud with a site to site VPN tunnel established running Server 2012.
When I attempt to open Group Policy Management on either DC, I am presented with the following error: The specified domain controller could not be contacted. I have attached a screenshot of the exact error.
I am running a single domain with 2 DNS forward lookup zones.. _msdcs.domain.local and domain.local
I have logged in to every server in the domain and verified that the DNS settings are set correctly for each machine.
I can ping the dc's back and forth from various machines by IP and DNS name.
I'm not too sure where my problem lies, a DNS issue or a group policy issue.
We used to have two DC's on site here, but I moved one DC to the AWS cloud and decommissioned the old local one once the migration was complete, leaving one DC here on site. This problem seemed to pop up after that was done. This was done over a month or two ago though and users have been able to log off and on the domain just fine and replication seems to be working as well.
My dcdiag output is below... any help would be greatly appreciated.
C:\Windows\System32>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = C-DC01
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: AmazonAWS\C-DC01
Starting test: Connectivity
......................... C-DC01 passed test Connectivity
Doing primary tests
Testing server: AmazonAWS\C-DC01
Starting test: Advertising
Warning: C-DC01 is not advertising as a time server.
......................... C-DC01 failed test Advertising
Starting test: FrsEvent
......................... C-DC01 passed test FrsEvent
Starting test: DFSREvent
......................... C-DC01 passed test DFSREvent
Starting test: SysVolCheck
......................... C-DC01 passed test SysVolCheck
Starting test: KccEvent
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
A warning event occurred. EventID: 0x8000082D
Time Generated: 01/19/2017 00:09:00
Event String:
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
An error event occurred. EventID: 0xC0000748
Time Generated: 01/19/2017 00:09:00
Event String:
This is the replication status for the following directory partition
on this directory server.
......................... C-DC01 failed test KccEvent
Starting test: KnowsOfRoleHolders
[DC01] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
Warning: DC01 is the Schema Owner, but is not responding to DS RPC
Bind.
Ldap search capability attribute search failed on server DC01, return
value = 81
Warning: DC01 is the Schema Owner, but is not responding to LDAP Bind.
Warning: DC01 is the Domain Owner, but is not responding to DS RPC
Bind.
Warning: DC01 is the Domain Owner, but is not responding to LDAP Bind.
Warning: DC01 is the PDC Owner, but is not responding to DS RPC Bind.
Warning: DC01 is the PDC Owner, but is not responding to LDAP Bind.
Warning: DC01 is the Rid Owner, but is not responding to DS RPC Bind.
Warning: DC01 is the Rid Owner, but is not responding to LDAP Bind.
Warning: DC01 is the Infrastructure Update Owner, but is not
responding to DS RPC Bind.
Warning: DC01 is the Infrastructure Update Owner, but is not
responding to LDAP Bind.
......................... C-DC01 failed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... C-DC01 passed test MachineAccount
Starting test: NCSecDesc
......................... C-DC01 passed test NCSecDesc
Starting test: NetLogons
......................... C-DC01 passed test NetLogons
Starting test: ObjectsReplicated
......................... C-DC01 passed test ObjectsReplicated
Starting test: Replications
REPLICATION-RECEIVED LATENCY WARNING
C-DC01: Current time is 2017-01-19 00:12:12.
DC=DomainDnsZones,DC=abr,D
Last replication received from DC01 at
2016-12-13 11:35:47
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
DC=ForestDnsZones,DC=abr,D
Last replication received from DC01 at
2016-12-13 10:48:53
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
CN=Schema,CN=Configuration
Last replication received from DC01 at
2016-12-13 10:48:53
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
CN=Configuration,DC=abr,DC
Last replication received from DC01 at
2016-12-13 11:40:12
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
DC=abr,DC=local
Last replication received from DC01 at
2016-12-13 11:45:45
Last replication received from DC2 at
2016-04-10 14:53:12
WARNING: This latency is over the Tombstone Lifetime of 180
days!
......................... C-DC01 passed test Replications
Starting test: RidManager
......................... C-DC01 failed test RidManager
Starting test: Services
......................... C-DC01 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x00000081
Time Generated: 01/18/2017 23:27:53
Event String:
NtpClient was unable to set a domain peer to use as a time source be
cause of discovery error. NtpClient will try again in 15 minutes and double the
reattempt interval thereafter. The error was: The entry is not found. (0x800706E
1)
A warning event occurred. EventID: 0x00000C18
Time Generated: 01/18/2017 23:54:27
Event String:
The primary Domain Controller for this domain could not be located.
......................... C-DC01 failed test SystemLog
Starting test: VerifyReferences
......................... C-DC01 passed test VerifyReferences
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : abr
Starting test: CheckSDRefDom
......................... abr passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... abr passed test CrossRefValidation
Running enterprise tests on : abr.local
Starting test: LocatorCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... abr.local failed test LocatorCheck
Starting test: Intersite
......................... abr.local passed test Intersite
error.PNG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.