I'm dealing with a frustrating situation where I can't connect to several servers and PCs using Remote Desktop Protocol (RDP). Occasionally, I can connect directly using the IP address, which I believe skips Kerberos in favor of NTLM. I've already done some troubleshooting: I fixed some DNS records on both my primary and backup domain controllers (DCs). When I ran the command 'nltest /sc_verify', I encountered the error I_NetLogonControlFailed with status 1355 (ERROR_NO_SUCH_DOMAIN). My supervisor suggested that I might want to demote and then promote my main DC to see if that resolves the Active Directory issues. The DC in question was recently rebuilt by my supervisor, but he handed the task of resolving these RDP issues over to me. I'm looking for a sanity check on whether demoting and promoting the DC is a reasonable step forward.
3 Answers
Did your supervisor actually demote the previous DC? Honestly, it seems like he should be the one cleaning up this mess instead of passing it off to you.
That nltest error is a significant concern! It suggests your DC rebuild might have caused some trust relationship issues. Demoting and promoting the DC is quite the drastic move, but if you're facing DNS problems and getting domain errors, it may be the best way to go. Just make sure you've got solid backups, as this could disrupt a lot of things temporarily.
Have you run dcdiag to check the health of your domain? It could provide valuable insights.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures