A Global Catalog Server could not be located - All GC's are down

domain-name-system active-directory windows-sbs-2011
12,164

To resolve this I ended up restoring the sysvol folder from a backup. I am not sure if this was the best way to fix it but it worked.

Share:
12,164

Related videos on Youtube

Jase
Author by

Jase

Sysadmin, play with a bit of code in my spare time

Updated on September 18, 2022

Comments

  • Jase
    Jase almost 2 years

    I seem to be having a number of issues with our SBS. I believe this was originally domain was previously on a SBS 2003 box before being moved to this SBS 2011 box last year, it has been running fine until yesterday. I cant see anything that has changed then though.

    Everything seems to point to DNS although I am struggling to pinpoint the actual cause. The most worrying is when I try to open something on the SBS such as AD sites and services.

    //edit can't post images yet - the error is

    Active Directory Domain Services - Naming information cannot be located because: The specified domain either does not exist or could not be contacted. Contact your system administrator to verify that your domain is properly configured and is currently online.

    Here is the IPconfig from the server

       Host Name . . . . . . . . . . . . : SBS2012
   Primary Dns Suffix  . . . . . . . : Contosso.local
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Contosso.local

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) 82575EB Gigabit Network Connecti
on #2
   Physical Address. . . . . . . . . : 00-1E-67-39-23-14
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8087:34f0:59f9:6a26%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.35.250(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.35.1
   DHCPv6 IAID . . . . . . . . . . . : 301997671
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-39-46-22-00-1E-67-39-23-15

   DNS Servers . . . . . . . . . . . : 192.168.35.250
   NetBIOS over Tcpip. . . . . . . . : Enabled

PPP adapter RAS (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RAS (Dial In) Interface
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.35.24(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A23E95B8-B5C2-4D88-BDE9-E9F1C2DD3902}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

    and here is the nltest

    nltest /server:sbs2012 /dsgetdc:contosso.local
           DC: \\SBS2012.contosso.local
      Address: \\192.168.35.250
     Dom Guid: c50b6df3-9d22-4c87-b2a7-adadc4fd5ec1
     Dom Name: contosso.local
  Forest Name: contosso.local
 Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
        Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
DNS_FOREST CLOSE_SITE FULL_SECRET WS
The command completed successfully

    As far as I can see everything so far looks ok (highly possible I am missing something) but when I run a DCDIAG it gets messy

    Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = SBS2012

   * Identified AD Forest. 
   Done gathering initial info.


Doing initial required tests


   Testing server: Default-First-Site-Name\SBS2012

      Starting test: Connectivity

         ......................... SBS2012 passed test Connectivity



Doing primary tests


   Testing server: Default-First-Site-Name\SBS2012

      Starting test: Advertising

         Fatal Error:DsGetDcName (SBS2012) call failed, error 1355

         The Locator could not find the server.

         ......................... SBS2012 failed test Advertising

      Starting test: FrsEvent

         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems. 
         ......................... SBS2012 passed test FrsEvent

      Starting test: DFSREvent

         ......................... SBS2012 passed test DFSREvent

      Starting test: SysVolCheck

         ......................... SBS2012 passed test SysVolCheck

      Starting test: KccEvent

         ......................... SBS2012 passed test KccEvent

      Starting test: KnowsOfRoleHolders

         ......................... SBS2012 passed test KnowsOfRoleHolders

      Starting test: MachineAccount

         ......................... SBS2012 passed test MachineAccount

      Starting test: NCSecDesc

         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have 

            Replicating Directory Changes In Filtered Set
         access rights for the naming context:

         DC=DomainDnsZones,DC=Contosso,DC=local
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have 

            Replicating Directory Changes In Filtered Set
         access rights for the naming context:

         DC=ForestDnsZones,DC=Contosso,DC=local
         ......................... SBS2012 failed test NCSecDesc

      Starting test: NetLogons

         Unable to connect to the NETLOGON share! (\\SBS2012\netlogon)

         [SBS2012] An net use or LsaPolicy operation failed with error 67,

         The network name cannot be found..

         ......................... SBS2012 failed test NetLogons

      Starting test: ObjectsReplicated

         ......................... SBS2012 passed test ObjectsReplicated

      Starting test: Replications

         [Replications Check,SBS2012] DsReplicaGetInfo(PENDING_OPS, NULL)

         failed, error 0x2105 "Replication access was denied."

         ......................... SBS2012 failed test Replications

      Starting test: RidManager

         ......................... SBS2012 passed test RidManager

      Starting test: Services

            Could not open NTDS Service on SBS2012, error 0x5

            "Access is denied."

         ......................... SBS2012 failed test Services

      Starting test: SystemLog

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   08:27:32

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   08:32:32

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   08:37:32

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   08:42:32

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   08:47:32

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   08:52:32

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         An error event occurred.  EventID: 0x00000457

            Time Generated: 07/12/2013   08:54:09

            Event String:

            Driver EPSON WorkForce 645 Series required for printer EPSON WorkForce 645 Series is unknown. Contact the administrator to install the driver before you log in again.

         An error event occurred.  EventID: 0x00000457

            Time Generated: 07/12/2013   08:54:10

            Event String:

            Driver FX DocuCentre-IV C2270 PCL 6 required for printer scanner - 212 Manukau Rd Epsom is unknown. Contact the administrator to install the driver before you log in again.

         An error event occurred.  EventID: 0x00000457

            Time Generated: 07/12/2013   08:54:10

            Event String:

            Driver HP ePrint required for printer HP ePrint is unknown. Contact the administrator to install the driver before you log in again.

         An error event occurred.  EventID: 0x00000457

            Time Generated: 07/12/2013   08:54:11

            Event String:

            Driver PDF Complete Converter required for printer PDF Complete is unknown. Contact the administrator to install the driver before you log in again.

         An error event occurred.  EventID: 0x00000457

            Time Generated: 07/12/2013   08:54:14

            Event String:

            Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact the administrator to install the driver before you log in again.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   08:57:32

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   09:02:33

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         A warning event occurred.  EventID: 0x00002724

            Time Generated: 07/12/2013   09:03:32

            Event String:

            This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you should use only static IPv6 addresses.

         An error event occurred.  EventID: 0x0000041A

            Time Generated: 07/12/2013   09:03:33

            Event String:

            The DHCP/BINL service on the local machine encountered a network error. The error was: 0x       2.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   09:03:33

            Event String:

            The DHCP/BINL service on this computer is shutting down. See the previous event log messages for reasons.

         An error event occurred.  EventID: 0xC0002720

            Time Generated: 07/12/2013   09:03:45

            Event String:

            The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 


         An error event occurred.  EventID: 0xC0002720

            Time Generated: 07/12/2013   09:03:46

            Event String:

            The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 


         An error event occurred.  EventID: 0xC0002720

            Time Generated: 07/12/2013   09:03:46

            Event String:

            The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 


         An error event occurred.  EventID: 0xC0002720

            Time Generated: 07/12/2013   09:03:46

            Event String:

            The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 


         An error event occurred.  EventID: 0xC0002720

            Time Generated: 07/12/2013   09:03:46

            Event String:

            The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 


         An error event occurred.  EventID: 0x00000406

            Time Generated: 07/12/2013   09:07:33

            Event String:

            The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful.

         An error event occurred.  EventID: 0x00000406

            Time Generated: 07/12/2013   09:12:34

            Event String:

            The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful.

         An error event occurred.  EventID: 0xC00038D6

            Time Generated: 07/12/2013   09:16:24

            Event String:

            The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   09:17:34

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         An error event occurred.  EventID: 0x0000041E

            Time Generated: 07/12/2013   09:22:34

            Event String:

            The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.

         ......................... SBS2012 failed test SystemLog

      Starting test: VerifyReferences

         ......................... SBS2012 passed test VerifyReferences



   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation


   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation


   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation


   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation


   Running partition tests on : Contosso

      Starting test: CheckSDRefDom

         ......................... Contosso passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Contosso passed test CrossRefValidation


   Running enterprise tests on : Contosso.local

      Starting test: LocatorCheck

         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355

         A Global Catalog Server could not be located - All GC's are down.

         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355

         A Time Server could not be located.

         The server holding the PDC role is down.

         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error

         1355

         A Good Time Server could not be located.

         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355

         A KDC could not be located - All the KDCs are down.

         ......................... Contosso.local failed test LocatorCheck

      Starting test: Intersite

         ......................... Contosso.local passed test Intersite

    Anyone have any ideas? Thanks

    Here is the _msdcs.contosso.local forwarder entry

    Name,Type,Data,Timestamp
dc,,,
domains,,,
gc,,,
pdc,,,
(same as parent folder),Start of Authority (SOA),[88], sbs2012.Contosso.local., hostmaster.,static
(same as parent folder),Name Server (NS),sbs2012.Contosso.local.,static
c0074617-7e4a-4ed4-937d-67d38780d11c,Alias (CNAME),sbs2012.Contosso.local.,?12/?07/?2013 2:00:00 a.m.
    • Spence
      Spence almost 11 years
      Do you see any "Automatic" start services that are either not running or "Paused"? I'm feeling like you've got a service not started that is preventing the machine from advertising itself as a DC. Did this start immediately after a reboot? What does the System Event Log have to say around the time that the problems started?
    • Jase
      Jase almost 11 years
      I do have a couple of services that are not starting one is the DHCP server which stopped since this problem has occurred and wont restart... I am assuming that this will sort itself out once I fix the cause. Also the "Microsoft Exchange system attendant" service is not starting.
    • Jase
      Jase almost 11 years
      No reboot, or updates... Netlogon service is running (and set to automatic), it was one of things I checked as had seen others who had had an issue with it becoming paused or stopped all of a sudden. going through the logs again it looks ok then all of a sudden here is an error logged by group policy "The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly." event ID 1054
    • Spence
      Spence almost 11 years
      Does the view in the DNS Management Console look normal? You're seeing your _msdcs.contoso.local forward lookup zone and it appears to be populated normally?
    • Jase
      Jase almost 11 years
      Thanks for the help so far Evan, I added the forward lookupzone above. One thing I did find when troubleshooting was a non-existant server listed in 'forward lookup zones'>>contosso.local>>_msdcs which I changed to the FQDN and IP of the SBS (should I have just deleted it and let the SBS rebuid it?)
    • Spence
      Spence almost 11 years
      You should let Windows handle the "_msdcs.contoso.local" zone. If the zone was missing your best bet would be to stop/restart the "Netlogon" service, which will cause the zone to be rebuilt.
    • Jase
      Jase almost 11 years
      the zone is there I simply edited one of the name servers listed in forward lookupzones>>contosso.local>>_msdcs . but I did restart netlogon again to see if anything new was created but it doesn't seem to make any changes

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Windows Server 2012 AD DC/DNS/DHCP in single server
Can't connect to domain controller
AD DC - Group Policy Event ID 1055
Broken DNS delegation
FQDNs resolving correctly via ping but not nslookup
Can't add client machine to windows server 2008 domain controller
Cannot connect Windows 7 machine to windows 2003 domain
SBS2011 Standard DNS suddenly not resolving some domains
Windows Server 2008 R2 drops packets
Group Policy for DNS Server Addresses