Slow domain user logon after promotion of ADC to DC

Question

I had DC and ADC server of Windows 2016 R2 in a domain environment. The DC crashed and I promoted ADC to DC and shifted all five FSMO roles to new DC.

After the crashed DC was removed from the network, the Users are facing very slow logins. It is taking 4 to 5 minutes of login.

Clients are of Windows 7 and Windows 10.

DNS is pointing to right servers.

DCDIAG result are:

C:\>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = DATABASE
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DATABASE
      Starting test: Connectivity
         The host 5167d093-8105-4ade-86c7-403fb0b3647f._msdcs.DomainName.COM could not be resolved to an IP address. Check
         the DNS server, DHCP, server name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
         ......................... DATABASE failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DATABASE
      Skipping all tests, because server DATABASE is not responding to directory service requests.


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : DomainName
      Starting test: CheckSDRefDom
         ......................... DomainName passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainName passed test CrossRefValidation

   Running enterprise tests on : DomainName.COM
      Starting test: LocatorCheck
         ......................... DomainName.COM passed test LocatorCheck
      Starting test: Intersite
         ......................... DomainName.COM passed test Intersite

score 0 · Answer 1 · answered Mar 20 '20 at 11:56

There is your Problem:

[...] because server DATABASE is not responding to directory service requests.

That means tah you do not really have a AD at the Moment.

This can be the firewall of the local system (DATABASE), incorrect configuration and a lot more. Check your server DATABASE, read the eventlogs and bring the DC service back up.

Slow domain user logon after promotion of ADC to DC

1 Answers1