Im trying to setup a test lab for our 2008R2 AD environment but am having trouble getting the domain controllers to start. If I just start the PDC with all FSMO roles (DC01) it gives an error saying it needs to do an initial synchronisation with atleast 1 other domain controller before it will start. I understand this means turn on another DC and it should be good to go.
but When I start DC03, it starts but has an error in dcdiag saying it cannot connect to the PDC. I can open sites and service and right click dc01 to manually 'replicate now'. It says its 'Active Diretory Domain sevices has repllicated the connections'.
On DC01 and DC03 I have tried to force replication with 'repadmin /replicate dc01 dc03 DC=domain,DC=com', it says Experienced the following operational errors trying to retrieve replication information: 58 - dc03'.
Pretty much google says that they cant communicate with each other, but I dont know why. I can ping and RDP between them. They are both on an isolated vswitch. Firewalls are off. They are on different subnets so I added windows routes. Their subnets are in sites and services.
Any advice on getting a copy of production as a Lab up and running?
update:
I have tried the registry setting:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]
"Repl Perform Initial Synchronizations"=dword:00000000
When I use it, it starts but I cant create any new objects in AD such as users - it says 'The Directory Service is unable to allocate a relative identifier.'
Does anyone else have this issue if they use this reg key?
repadmin /showreps - says: Last Attempt at failed, result 8524 (0x214c): The DSA operation is unable to proceed because of a DNS lookup failure.
PortQuery: General network connectivity is ok. Domains and trusts says there are issues with the services that are not started. eg. ldap query fails because the directory services has not started.
update 2: Solution: Turns out this was just a rookie mistake. My isolated network was only on one Host. I boot my VM I placed it on this host, but after a short amount of time, DRS would eventually migrate one of these VMS, so network connectivity would be lost. I would usually have enough time to do initial tests such as network connection, ping etc.
