Only have one DC and it can no longer be found in my domain, what gives?
Hello, This is my first post so if I have left out anything or am in the wrong section please guide me to the correct section/information. Brief History of what happened: Have a Server (2008 r2) that is a DC, DNS, exchange. Had 1 hard drive with 6 partitions (done by the previous admin). Everything was working fine but the C:drive was filling up so decided to combine the C: drive and the D: drive. Deleted the D: drive and successfully combined the C: and D:. Now the C: drive has about 14GB of free space. After messing around a bit decided to reboot the machine and the DC never booted back up. It would get all the way to a black screen with a mouse and then reboot. I found out that the D: drive had the windows\NTDS\ntds.dit, edb.chk, and temp.edb Files. I next booted the pc into the Directory Service Restore mode. In this mode I was able to recreate the 6 partitions and tried a restore of individual files. This did not work. Then tried to restore the entire D volume and this did not work. I last tried to System State. And this did the trick. After it was finished the server could now boot up and I could log in with a Domain account, Computers could browse the Internet with the DNS server. I could also send and receive email. My Issue: I have a very small network only about 6 machines. I have one machine that is the DC, Exchange, DNS and holds all the FSMO roles (Windows Server 2008 r2). Currently on the machine I cannot open Active Directory Users and Computers, sites and services, Exchange Management console. I Can However, Send and receive email, authenticate users when logging on. Active Directory Users and Computers gives the following error when trying to open - "Naming information cannot be located for the following reason: The server is not operational" Once I click ok the snap in appears with a red x. If I right click and select "Change Domain Controller" any writable domain controller is greyed out and This Domain Controller or AD LDS instance is the only selected option with nothing in the box below to select. If I right click and select "change domain" and then click browse I can see my domain. When I select it and click ok sometimes it comes up and other times I get "The domain could not be found because the server is not operational." When clicking on Sites and Services I receive - "Naming information cannot be located for the following reason: The server is not operational" When I click on ADSI Edit - I see all my correct information. All my OU's and CN's are there. When I open the Exchange Management Console I get the following error -get-ExchangeServer Error, An Active Directory error 0x8007203A occurred while searching for domain controllers in domain (My domain name). The server is not operational. I get the same exact message for "get-UMServer" I ran DCDIAG /test:dns and everything returned back as passing I ran DCDIAG and here are the results: Directory Server Diagnosis Performing initial setup: Trying to find home server... Home Server = WBCSERV2008R2 * Identified AD Forest. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\WBCSERV2008R2 Starting test: Connectivity ......................... WBCSERV2008R2 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\WBCSERV2008R2 Starting test: Advertising Fatal Error:DsGetDcName (WBCSERV2008R2) call failed, error 1355 The Locator could not find the server. ......................... WBCSERV2008R2 failed test Advertising Starting test: FrsEvent ......................... WBCSERV2008R2 passed test FrsEvent Starting test: DFSREvent There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems. ......................... WBCSERV2008R2 failed test DFSREvent Starting test: SysVolCheck ......................... WBCSERV2008R2 passed test SysVolCheck Starting test: KccEvent ......................... WBCSERV2008R2 passed test KccEvent Starting test: KnowsOfRoleHolders ......................... WBCSERV2008R2 passed test KnowsOfRoleHolders Starting test: MachineAccount ......................... WBCSERV2008R2 passed test MachineAccount Starting test: NCSecDesc ......................... WBCSERV2008R2 passed test NCSecDesc Starting test: NetLogons Unable to connect to the NETLOGON share! (\\WBCSERV2008R2\netlogon) [WBCSERV2008R2] An net use or LsaPolicy operation failed with error 67, The network name cannot be found.. ......................... WBCSERV2008R2 failed test NetLogons Starting test: ObjectsReplicated ......................... WBCSERV2008R2 passed test ObjectsReplicated Starting test: Replications ......................... WBCSERV2008R2 passed test Replications Starting test: RidManager ......................... WBCSERV2008R2 passed test RidManager Starting test: Services ......................... WBCSERV2008R2 passed test Services Starting test: SystemLog An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:05:18 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0xC00038D6 Time Generated: 08/29/2012 14:08:59 Event String: The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data. An error event occurred. EventID: 0x0000041E Time Generated: 08/29/2012 14:10:18 Event String: The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly. An error event occurred. EventID: 0x0000041E Time Generated: 08/29/2012 14:15:18 Event String: The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly. A warning event occurred. EventID: 0x000003F6 Time Generated: 08/29/2012 14:19:35 Event String: Name resolution for the name www.elgms.com timed out after none of the configured DNS servers responded. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:20:19 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:25:21 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:29:07 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:30:22 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0xC0001B61 Time Generated: 08/29/2012 14:31:46 Event String: A timeout was reached (30000 milliseconds) while waiting for the File Replication service to connect. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:35:24 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:40:26 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:45:28 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:50:29 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 14:55:31 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. An error event occurred. EventID: 0x00000406 Time Generated: 08/29/2012 15:00:32 Event String: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful. ......................... WBCSERV2008R2 failed test SystemLog Starting test: VerifyReferences ......................... WBCSERV2008R2 passed test VerifyReferences Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : WESTWAY-ONLINE Starting test: CheckSDRefDom ......................... WESTWAY-ONLINE passed test CheckSDRefDom Starting test: CrossRefValidation ......................... WESTWAY-ONLINE passed test CrossRefValidation Running enterprise tests on : WESTWAY-ONLINE.COM Starting test: LocatorCheck Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355 A Global Catalog Server could not be located - All GC's are down. Warning: DcGetDcName(TIME_SERVER) call failed, error 1355 A Time Server could not be located. The server holding the PDC role is down. Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355 A Good Time Server could not be located. Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355 A KDC could not be located - All the KDCs are down. ......................... WESTWAY-ONLINE.COM failed test LocatorCheck Starting test: Intersite ......................... WESTWAY-ONLINE.COM passed test Intersite Sorry for the long post but wanted to try and include as much information as possible.
August 29th, 2012 4:34pm

Hi, Try the following: http://support.microsoft.com/default.aspx?scid=kb;EN-US;961775 Martin If you find my information useful, please rate it. :-)
Free Windows Admin Tool Kit Click here and download it now
August 29th, 2012 9:18pm

Hi, Try the following: http://support.microsoft.com/default.aspx?scid=kb;EN-US;961775 Martin If you find my information useful, please rate it. :-)
August 29th, 2012 9:25pm

No this did not fix anything. When I clicked on the hotfix the only fix available was for Windows Vista 64 bit and I am running Windows Server 2008 R2
Free Windows Admin Tool Kit Click here and download it now
August 30th, 2012 8:35am

Does anyone else have any troubleshooting steps for me to take? Really would like to have the domain back to normal working order and be able to open Active Directory and Microsoft Exchange Management Console
August 31st, 2012 1:51pm

Hi, Can you check if your DNS Server service is running? Also, open up Services.msc, and click on Startup Type, to filter the services. Make sure that all services set as Automatic are running. If the above doesn't solve the problem, what is the DNS pointing to from this problematic server? Is this problematic server pointing to itself (since it is the AD/DNS itself)?Jabez Gan [MVP] - http://www.msblog.org Contributing Author for: (Sybex) MCTS: Windows Server 2008 Applications Infrastructure Configuration Study Guide: Exam 70-643
Free Windows Admin Tool Kit Click here and download it now
September 1st, 2012 7:56am

Hi, I would like to confirm what is the current situation? If there is anything that I can do for you, please do not hesitate to let me know, and I will be happy to help. Regards, Arthur Li TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.Arthur Li TechNet Community Support
September 3rd, 2012 2:21am

Hello Arthur_Li, The current situation is as stated above. I only have one server for my Domain it is windows server 2008 R2. It is the DC, DNS, Exchange server. All users can authenticate when trying to log in to windows, I can ping machnies by machine name and by IP address, We can all also send and recieve email. However, I cannot open up Active Directory or exchange management I get errors saying can't find any DC's in the domain or the server is not operational when i know it is because i am logged in on the server. I ran DCDIAG and posted the results above. Any information you can provide to help is appreciated.
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2012 9:42am

WBCONLINE, Please post this question in Directory Services forum. You may get some quick help. Please refer this discussion and assert that new post is repost in DS forum and later on Moderators might merge the threads. http://social.technet.microsoft.com/Forums/en-US/winserverDS/threadsThanks !
September 4th, 2012 9:56am

Hello, Yes the DNS Server service is running. Services.msc Here are the following services that are set to automatic but are not running. COM+ System application File Replication Microsoft Exchange System Attendant SQL Server VSS writer Google Update Service Microsoft .Net framework Software Protection The file replication service would not start at all. The other services either started or started and then stopped immediately according to the error message. Still have the same problem on the machine. Not sure what you mean by what is DNS pointing to but here is my DNS records, and I can ping and resolve everything by name or IP Name Type Data _msdcs _sites _tcp _udp domaindnszones --> (same as parent folder) Host (A) 192.168.1.200 Static forestdnszones --> (same as parent folder) Host (A) 192.168.1.200 Static (same as parent folder) Start of Authority (SOA) [149], wbcserv2008r2.westway-online.com., hostmaster. (same as parent folder) Name Server (NS) wbcserv2008r2.westway-online.com. (same as parent folder) Host (A) 192.168.1.200 (same as parent folder) Mail Exchanger (MX) [10] wbcserv2008r2.westway-online.com. cyndiews Host (A) 192.168.1.201 Schedule Alias (CNAME) westwaylinux.westway-online.com. smtp Host (A) 192.168.1.200 suite101-1 Host (A) 192.168.1.69 tracer-desktop Host (A) 192.168.1.249 wbcserv2008r2 Host (A) 192.168.1.200 westwaylinux Host (A) 192.168.1.158 wwreception Host (A) 192.168.1.103
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2012 10:02am

Hi, It definitely sounds as though it's a DNS issue. Also, don't work with ping when troubleshooting DNS. Stick to using nslookup instead, as ping can fall back to resolving names through broadcast if NetBIOS is left enabled, and that's not going to help you. Run an ipconfig /all and make sure your primary DNS server entry is pointing to 192.168.1.200 and not something else like 127.0.0.1. Try running the following three commands while logged on to your domain controller: nslookup -type=SRV _ldap._tcp.westway-online.comnslookup -type=SRV _gc._tcp.westway-online.comnslookup 192.168.1.200 They should all come back with valid results. Let us know how you go once you've check that out. Cheers, Lain
September 4th, 2012 10:24am

ok here are the results of ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : WBCSERV2008R2 Primary Dns Suffix . . . . . . . : WESTWAY-ONLINE.COM Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : Yes WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : WESTWAY-ONLINE.COM Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller Physical Address. . . . . . . . . : 00-22-19-1A-5C-47 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::fc3d:66c9:1055:5338%11(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.200(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 234889753 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-05-2D-91-00-22-19-1A-5C-47 DNS Servers . . . . . . . . . . . : 192.168.1.200 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.{8B480A8A-D01A-43C0-85A6-C0980BA8FECF}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes The nslookup parts i think i typed them correctly, here are the results: nslookup -type=SRV _ldap.tcp.westway-online.com Server: wbcserv2008r2.westway-online.com Address: 192.168.1.200 _ldap._tcp.westway-online.com SRV service location: priority = 0 weight = 100 port = 389 svr hostname = wbcserv2008r2.westway-online.com wbcserv2008r2.westway-online.com internet address = 192.168.1.200 nslookup -type=SRV _gc._tcp.westway-online.com Server: wbcserv2008r2.westway-online.com Address: 192.168.1.200 _gc._tcp.westway-online.com SRV service location: priority = 0 weight = 100 port = 3268 svr hostname = wbcserv2008r2.westway-online.com wbcserv2008r2.westway-online.com internet address = 192.168.1.200 nslookup 192.168.1.200 Server: wbcserv2008r2.westway-online.com Address: 192.168.1.200 Name: wbcserv2008r2.westway-online.com Address: 192.168.1.200
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2012 10:52am

They all respond, which is good. The next two records require a few steps to obtain their values before you can run the nslookup commands: AD domain GUID: Open up Powershell on the server (or a Windows client with the RSAT tools installed) and run the following two commands:Import-Module ActiveDirectoryGet-ADObject -Identity "dc=westway-online,dc=com" -Properties objectGUID | select objectGUID Copy and paste that GUID into a nslookup command so it looks like the following: nslookup -type=SRV _ldap_.tcp.<objectGUID>.domains._msdcs.westway-online.com I'm not expecting this to fail, as that usually only happens when a domain rename that's gone pear-shaped has taken place. Still, it doesn't hurt to check. The second record is the NTDS GUID for the domain controller: Open up Sites and Services (dssite.msc)Expand down the tree from Sites > Default-First-Site-Name > Servers > wbcserv208r2 > NTDS SettingsRight-click on the NTDS Settings node and copy and paste the "DNS Alias" value into a nslookup command as shown in the below example nslookup -type=SRV CF29327A-3763-449B-9F8C-BCFB7DAE1D0D._msdcs.westway-online.com If both of these come back fine, then all I can suggest is restarting the NETLOGON service on the domain controller and checking the Event Viewer - in particular the System and Directory Service nodes, for errors. I'm off for the night, but hopefully someone else can keep going with you. I'll check back in the morning. Cheers, Lain
September 4th, 2012 11:18am

Thanks for your assistance... Attached is the results so far. I ran Import-Module ActiveDirectory and i suppose everything went fine as it just went to the next line. I then entered your next command and here is the result: PS C:\> Get-ADObject -Identity "dc=westway-online,dc=com" -Properties objectGUID | select objectGUID Get-ADObject : Unable to find a default server with Active Directory Web Services running. At line:1 char:13 + Get-ADObject <<<< -Identity "dc=westway-online,dc=com" -Properties objectGUID | select objectGUID + CategoryInfo : ResourceUnavailable: (dc=westway-online,dc=com:ADObject) [Get-ADObject], ADServerDownExc eption + FullyQualifiedErrorId : Unable to find a default server with Active Directory Web Services running.,Microsoft.Ac tiveDirectory.Management.Commands.GetADObject
Free Windows Admin Tool Kit Click here and download it now
September 4th, 2012 11:37am

I guess that's not a surprising result. My next step would be to hit these event logs on the domain controller and look at the errors and warnings: Windows Logs\SystemApplications and Services Logs\DFS ReplicationApplications and Services Logs\Directory ServiceApplications and Services Logs\DNS Server Of these, the Directory Service will be the most important and probably have the most information. The DNS Server may also be up there. The DFS Replication will likely contain errors, but most of these will actually be a byproduct of the real issue rather than the cause. Nevertheless, sometimes you'll find errors there that help find the original problem, such as the inability to resolve the NTDS GUID DNS alias, etc. Going off on a tangent based on what you listed above, I can't remember if the Software Protection Service runs when you use a MAK key for activation (I don't think it does), but running the following command from a command prompt will tell you if the server's still activated or not: cscript %systemroot%\system32\slmgr.vbs /dli Just look for the "License Status" line. Cheers, Lain
September 4th, 2012 7:32pm

Thank you for your help... Just wanted to let you know they helped resolve my issue in Directory Services: http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/9971b382-97f3-46d2-bee9-1bf590ef1bca This can now be closed.
Free Windows Admin Tool Kit Click here and download it now
September 5th, 2012 10:38am

Thank you for your help... Just wanted to let you know they helped resolve my issue in Directory Services: http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/9971b382-97f3-46d2-bee9-1bf590ef1bca This can now be closed.
September 5th, 2012 10:40am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics