ADUC cannot find a GC to talk to because DNS is not responding

DNS cannot load zones from AD because AD is down

Some errors I saw in the log:

DNS-Server-Service - Event 4000 (Error)

The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

 

DNS-Server-Service - Event 4007 (Error)

The DNS server was unable to open zone _msdcs.domain.lab in the Active Directory from the application directory partition ForestDnsZones.domain.lab. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

 

DNS-Server-Service - Event 4013 (Warning)

The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.

 

ActiveDirectory_DomainServices - Event 1655 (Warning)

Active Directory Domain Services attempted to communicate with the following global catalog and the attempts were unsuccessful.

Global catalog:

\\DCName1.domain.lab

The operation in progress might be unable to continue. Active Directory Domain Services will use the domain controller locator to try to find an available global catalog server.

Additional Data

Error value:

5 Access is denied.

 

ActiveDirectory_DomainService - Event 1126 (Error)

Active Directory Domain Services was unable to establish a connection with the global catalog.

Additional Data

Error value:

8430 The directory service encountered an internal failure.

Internal ID:

3201385

ActiveDirectory_DomainServices - Event 2092 (Warning)

This server is the owner of the following FSMO role, but does not consider it valid. For the partition which contains the FSMO, this server has not replicated successfully with any of its partners since this server has been restarted. Replication errors are preventing validation of this role.

Operations which require contacting a FSMO operation master will fail until this condition is corrected.

FSMO Role: DC=domain,DC=lab

 

-------------------------------------------------------------------------

After some searching I found this page:

https://rakhesh.com/windows/fixing-the-dns-server-was-unable-to-open-active-directory-errors/

I then tried:

netdom resetpwd /server:DCName1.domain.lab /userd:domain\<Domain_Admin> /passwordd:*

But since DNS was down and could not handle the FQDN, I had to switch to running this locally on the PDC:

netdom resetpwd /server:localhost /userd:domain\<Domain_Admin> /passwordd:*

This got DCName1 talking to its surroundings again.
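
A triage check for the event combination listed above, as an added example that is not part of the original post: it flags a domain controller where the DNS server cannot load its zones from AD while AD DS reports "Access is denied" against the global catalog. The function name Test-DcDnsDeadlock and the sample events are constructed for illustration.

```powershell
# Added example. Test-DcDnsDeadlock is a hypothetical helper name.
function Test-DcDnsDeadlock {
    param([Parameter(Mandatory)][object[]]$Events)

    $dnsIds = 4000, 4007, 4013   # DNS server cannot open AD / waits for AD DS sync
    $dsIds  = 1655, 1126, 2092   # GC unreachable / FSMO role not validated

    $dnsHits = @($Events | Where-Object { $_.LogName -eq 'DNS Server' -and $_.Id -in $dnsIds })
    $dsHits  = @($Events | Where-Object { $_.LogName -eq 'Directory Service' -and $_.Id -in $dsIds })

    # Event 1655 with error value 5 is the "Access is denied" case quoted in the post
    $denied = @($dsHits | Where-Object {
        $_.Id -eq 1655 -and $_.Message -match '(?m)^\s*5\s+Access is denied'
    })

    [pscustomobject]@{
        DnsCannotLoadFromAd = $dnsHits.Count -gt 0
        AdCannotReachGc     = $dsHits.Count -gt 0
        GcAccessDenied      = $denied.Count -gt 0
        MatchesPostPattern  = ($dnsHits.Count -gt 0) -and ($denied.Count -gt 0)
        EventIdsSeen        = @($dnsHits + $dsHits | ForEach-Object { $_.Id } | Sort-Object -Unique)
    }
}

# Constructed sample events (messages shortened) so the function can be tried offline
$sample = @(
    [pscustomobject]@{ LogName = 'DNS Server'; Id = 4000
        Message = 'The DNS server was unable to open Active Directory.' }
    [pscustomobject]@{ LogName = 'DNS Server'; Id = 4013
        Message = 'The DNS server is waiting for Active Directory Domain Services (AD DS).' }
    [pscustomobject]@{ LogName = 'Directory Service'; Id = 1655
        Message = "Global catalog:`n\\DCName1.domain.lab`nError value:`n5 Access is denied." }
    [pscustomobject]@{ LogName = 'Directory Service'; Id = 2092
        Message = 'This server is the owner of the following FSMO role.' }
)

Test-DcDnsDeadlock -Events $sample

# On a domain controller, feed it the real logs instead of the sample:
# $ids = 4000, 4007, 4013, 1655, 1126, 2092
# $ev  = Get-WinEvent -FilterHashtable @{ LogName = 'DNS Server', 'Directory Service'; Id = $ids }
# Test-DcDnsDeadlock -Events $ev
```

With the sample events, MatchesPostPattern is True and EventIdsSeen is 1655, 2092, 4000, 4013.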