FIX: Active Directory Replication errors: The RPC server is unavailable. Or The target principal name is incorrect. Or The Kerberos client received a KRB_AP_ERR_MODIFIED error.

Scenario: One of your Site Domain Controller went Out-of-Sync (unable to communicate) for 10-15 days with your PDC.  When you attempt to make replication from that server to the PDC, you’ll end receiving below error messages: REPADMIN /SHOWREPS, results in error “The target principal name is incorrect.” as shown below: C:\>REPADMIN /SHOWREPSHYD-Network\INDHYD-DC02DSA Options: IS_GCSite Options: IS_GROUP_CACHING_ENABLEDDSA object GUID: 57014cf3-43d0-4f07-8cab-83f0b99o256eDSA invocationID: 1acac066-b749-44fa-b142-9d142e505b55 ==== INBOUND NEIGHBORS ====================================== DC=mylab,DC=lan    US-Network\US-DC01 via RPC        DSA object GUID: f9719614-f32a-4bbd-842a-2fb144f83680        Last attempt @ 2016-06-30 13:15:09 failed, result -2146893022 (0x80090322):           The target principal name is incorrect.        295 consecutive failure(s).        Last success @ 2016-05-27 21:22:30. CN=Configuration,DC=mylab,DC=lan    US-Network\US-DC01 via RPC        […]


FIX: DNS Manager fails with error: Access was denied.

Scenario: When you launch DNS Manager console application on your local site Domain Controller server, it will result in below error message.  You notice this behaviour when your domain controller hasn’t communicated with your PDC for a long while (say for 10-15 days), you have your server restarted during this time. During this issue its most probable that you may be experiencing the AD replication issues to this server. —————————DNS—————————The server INDHYD-DC01 could not be contacted. The error was: Access was denied.   Would you like to add it anyway?—————————Yes   No   —————————   Fix: If you have your domain controller […]

Fix: The following Domain Controller could not be contacted – A local error has occurred.

Scenario: You attempt to launch the Active Directory Management Console – Active Directory Domains and Trusts, on your domain controller in a different AD site,  you’ll be notified with the below error: —————————Active Directory Domain Services————————— The following Domain Controller could not be contacted: USA-DC01.mylab.lan. A local error has occurred. —————————OK—————————   Fix: If your current domain controller (in the different site) is running with different time zone than that of the primary domain controller that you are trying to connect to, then change the time zone on your domain controller to match with the time zone of the primary […]