This object monitors communication with domain controllers and creates a Critical alert if DFS Replication fails to contact a domain controller. It does so by looking for the presence of DFS Replication Event 1202.
An unhealthy state of this monitor indicates that DFS Replication failed to contact a domain controller to retrieve configuration information. If replication was working previously, the service will use cached configuration stored locally but will not respond to any configuration changes until the issue is resolved.
This issue can be caused by the following factors:
Basic network connectivity issues
Active Directory Domain Services (AD DS)issues
Test basic network connectivity
To test network connectivity with the affected server, use the following procedure:
1. Open a command prompt window and then use the ping command to check basic network connectivity. If the ping command fails, it is likely that the server is not running, or has network problems that require local access to resolve. If ping is blocked in your network environment, skip this step.
2. If the ping command is successful, test the server’s registration in DNS by using the nslookup command. If the nslookup command fails, there is a problem with DNS. Check the DNS server health or contact the DNS server administrator.
3. If the nslookup command succeeds, DNS is working properly.
Note: For more information about troubleshooting network issues, see article 325487 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?linkid=46059).
Check Firewall settings
If a firewall has been configured between replication partners, ensure that it is not blocking RPC communication. DFS Replication depends on RPC for communication. DFS Replication uses the RPC Endpoint Mapper (port 135) and a randomly assigned dynamic port in the range of 49152 through 65535 for Windows Server 2008 R2 and Windows Server 2008, or in the range of 1025 through 5000 for Windows Server 2003 R2.
You can use the Dfsrdiag command-line tool to specify a static port instead of the dynamic port. For more information about how to specify the RPC Endpoint Mapper, see article 154596 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=73991). For more information about dynamic port usage in Windows Server 2008, see article 929851 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=187092).
After resolving the underlying problem(s), this monitor should automatically return to a healthy state.
To test DFS Replication’s ability to communicate with AD DS, open a command prompt window and then type the following command: Dfsrdiag pollad /verbose. The command should report Operation Succeeded. If not, there is a problem communicating with AD DS.