Next run DCDIAG on the DC and look for any errors.
Also, look in the event log for any errors during.
This set of steps was in response to an error a customer was getting when they tried to create a webApplication. The error in the wireshark trace was : 000020E1: SvcErr: DSID-03200674, problem 5002 (UNAVAILABLE), data 0
This indicates an issue with the global catalog when webAdmin went to modify the webapplication attributes.
Replication Health Best Practices
* Also display's DC's GUID
/REPLICATE - force replication of an NC
/SYNCALL - syncs a DC wit its partners
/DSAGUID - Resolves DC name from GUID
* This is handy for cound not establish a replication link error.
/QUEUE - display a DC's replication queue
Check replication regularly with /REPSLSUMMARY
Every DC Hosts its own secure integrated DNS
* DC's primary DNS client pointing to itself (127.0.0.1)
* If you suspect a dns problem point to a known good dns
Make sure DCs are either current or removed.
To format the list for REPADMIN a little nicer you can do:
repadmin /replsummary /bysrc /bydest /sort:delta
Example : nltest /dsgetdc:example-cloud.com
dcdiag /test:dns /e /v > output.txt
/e - every dc in the forest
/v - verbose output
> output.txt - send output to txt file
Look for results of the 6 tests.
Auth - Authentication
Basc - Basic connectivity
Forw - forwarders configuration
Del - dynameic registrtation
Rreg - resource record registration
Ext - external connectivity outside of the zone