I am trying to stand up a new domain controller and add it to an existing domain. The two servers are in two separate cloud zones. Before promoting the new server, I was able to contact the existing DCs. I was able to add it to the domain, update group policy, and update via WSUS, so there is no issue with communicating with the domain (after adding the DCs to the hosts file).

However, when I add the AD DS role on the new server and try to promote it to a DC, it is stuck endlessly on the "replicating critical domain information" message. After checking the logs, I see warnings from DNS and Time Service saying it cannot contact the domain server. Also, if I try to run a gpupdate, it fails saying it cannot contact the DC. I'm still able to ping the original DC, but for some reason it can't communicate with domain services, and this appears to be preventing me from promoting this new server to a DC.

What am I missing?

Tony
  • **What am I missing?** - You're missing giving us critical information, like how these servers are connected, their IP addressing information, etc. They're in two separate cloud zones? What does that mean? – joeqwerty Mar 08 '23 at 17:21
  • The DC needs to use the other DC(s) as DNS servers, and there needs to be full network access (all ports/protocols) to the other DCs. PortQueryUI should be used to confirm basic network access from the DC to the other DCs. – Greg Askew Mar 08 '23 at 18:07

0 Answers
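The checks suggested in the comments (DNS pointed at an existing DC, and network access to it) can be scripted from the new server before promotion. This is an added example, not part of the original thread; the domain and DC names are placeholders, and it covers TCP only.

```powershell
# Added example: pre-promotion connectivity check, run on the new server.
# $DomainName and $ExistingDc are placeholders (assumptions, not from the thread).
param(
    [string]$DomainName = 'corp.example.com',
    [string]$ExistingDc = 'dc01.corp.example.com'
)

# Fixed TCP ports used for AD DS traffic between domain controllers.
$AdTcpPorts = @(
    @{ Port = 53;   Service = 'DNS' }
    @{ Port = 88;   Service = 'Kerberos' }
    @{ Port = 135;  Service = 'RPC endpoint mapper' }
    @{ Port = 389;  Service = 'LDAP' }
    @{ Port = 445;  Service = 'SMB (SYSVOL, NETLOGON)' }
    @{ Port = 464;  Service = 'Kerberos password change' }
    @{ Port = 636;  Service = 'LDAPS' }
    @{ Port = 3268; Service = 'Global catalog' }
    @{ Port = 3269; Service = 'Global catalog over TLS' }
)

# 1. Show which DNS servers this machine queries; they should be existing DCs.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object ServerAddresses |
    Select-Object InterfaceAlias, ServerAddresses

# 2. DC location relies on SRV records. A hosts file only maps names to
#    addresses, so it cannot supply these; the DNS servers above must.
try {
    Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV -ErrorAction Stop |
        Where-Object Type -eq 'SRV' |
        Select-Object NameTarget, Port
} catch {
    Write-Warning "SRV lookup failed for ${DomainName}: $($_.Exception.Message)"
}

# 3. Test each fixed TCP port on the existing DC.
$results = foreach ($p in $AdTcpPorts) {
    $t = Test-NetConnection -ComputerName $ExistingDc -Port $p.Port -WarningAction SilentlyContinue
    [pscustomobject]@{ Port = $p.Port; Service = $p.Service; Reachable = $t.TcpTestSucceeded }
}
$results | Format-Table -AutoSize

$blocked = $results | Where-Object { -not $_.Reachable }
if ($blocked) { Write-Warning "Blocked TCP ports: $($blocked.Port -join ', ')" }

# Not covered: UDP (DNS 53, Kerberos 88, NTP 123, LDAP 389) and the
# dynamic RPC range (TCP 49152-65535 by default) used by replication.
```

A successful ping with blocked ports in step 3, or a failed SRV lookup in step 2, is consistent with the DNS and Time Service warnings described in the question.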