Sep 10, 2018

Active Directory Users and Computers Will Not Open After Azure Site Recovery Test Failover

The other day we wanted to test some database stuff in our Production Azure environment. Obviously, we didn't want to mess with actual Production data, so since we're using Azure Site Recovery for our disaster recovery plan, we decided to initiate a test failover of the impacted systems in an isolated network.

Also, since we're using our own domain controller VMs, we had to fail those over for authentication. This is where I ran into problems. After initiating the test failover of my domain controllers I couldn't open Active Directory Users and Computers. When I tried, I got this message:

Naming information cannot be located because: The specified domain either does not exist or could not be contacted. Contact your system administrator to verify that your domain is properly configured and is currently online.


Well, after banging by head on the wall for a few hours, I finally found a solution. Open a registry editor and browse to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Open the SysvolReady key. If the value of the key is 0 change it to 1. If the value is 1 change it to 0 and ‘Accept’, again change to 1 and accept. Exit registry editor.

Boom! After that I could open Active Directory Users and Computers again without a reboot!

One thing that still didn't work though was Netlogon and Group Policy. To fix that on my two domain controllers in the test environment I had to copy all contents from C:\Windows\SYSVOL\domain\NtFrs_PreExisting___See_EventLog on both domain controllers to C:\Windows\SYSVOL\domain\. When that was done I ran the following on both test domain controllers:

  • net stop netlogon
  • net start netlogon
After that, Netlogon and Group Policy were working again. I also took the extra steps seizing FSMO roles and deleting the other domain controllers from Active Directory Users and Computers, as well as Active Directory Sites and Services along with their sites. That way I wouldn't have to deal with replication issues in the isolated test environment.

Have you ever ran into something like this? Did you fix it differently? Let us know in the comments!



Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam