How do you fix the security database on the server does not have a computer account for this workstation trust?

JohnLF

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

chipotle

Your question isn't very clear.  It sounds like no-one is able to log onto the workstation as it has lost trust to the domain.  If that is the case, use a domain admin account to logon using a different workstation, then remove and re-add the problem workstation to the domain.

Also wrong group, should be in a Windows group, not a spiceworks group.

1 found this helpful thumb_up thumb_down

why would the user loose data?

just rejoin to the domain.

and you're in the wrong group!

0 of 1 found this helpful thumb_up thumb_down

Rockn

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

mace

Is this an ongoing problem with workstations or is this a one off issue? If it is one off you can reset the secure channel password if there is truly a  computer account in AD without having to rejoin the domain. Go into ADUC and right click the computer account and select Reset Account. Then go to Control Panel > System > Advanced SYstem Settings >  Computer Name > Network ID and follow until the end.

Was this post helpful? thumb_up thumb_down

tfl

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

mace

Active Directory & GPO Expert

• check 32 Best Answers
• thumb_up 106 Helpful Votes

What is the exact error message and how is it generated??

Was this post helpful? thumb_up thumb_down

The security database on the server does not have a computer account for this workstation trust relationship

Was this post helpful? thumb_up thumb_down

EminentX

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

habanero

Active Directory & GPO Expert

• check 91 Best Answers
• thumb_up 247 Helpful Votes
• format_list_bulleted 3 How-tos

As you've mentioned in the following, you have only one DC and you could not create a user account. Are you sure that the DC is healthy and could authenticate the users?
https://community.spiceworks.com/topic/2232356-i-have-only-one-dc-and-i-am-getting-below-error-how-should-i-fix?page=1#entry-8560090
What does the "DCdiag /c /v /e /q" say?

Was this post helpful? thumb_up thumb_down

DCdiag /c /v /e /q   Result 

Please find the below result and its looks like Server Replication Issue with another DC (  BT-AD1-VM) but this Server is no longer Available  

Please advice .........

PS C:\Users\Administrator> DCdiag /c /v /e /q
        Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
        ......................... BT-AD1-VM failed test Connectivity
        Warning: LL-AD1-VM is not advertising as a time server.
        ......................... LL-AD1-VM failed test Advertising
        Source DC BT-AD1-VM has possible security error (1722). Diagnosing...
              Error 2184 querying time on DC BT-AD1-VM. Ignoring this DC and continuing...
              Could not open pipe with [BT-AD1-VM]:failed with 64: The specified network name is no longer available.
              Could not get NetBIOSDomainName
              Failed can not test for HOST SPN
              Failed can not test for HOST SPN
        ......................... LL-AD1-VM failed test CheckSecurityError
        There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
        replication problems may cause Group Policy problems.
        ......................... LL-AD1-VM failed test DFSREvent
        An error event occurred. EventID: 0xC0000827
            Time Generated: 09/17/2019 00:34:25
            Event String:
            Active Directory Domain Services could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory Domain Services from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
        An error event occurred. EventID: 0xC0000461
            Time Generated: 09/17/2019 00:36:44
            Event String: The format of the schedule attribute of the following object is unrecognizable.
        A warning event occurred. EventID: 0x8000051C
            Time Generated: 09/17/2019 00:36:44
            Event String:
            The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following directory service has consistently failed.
        An error event occurred. EventID: 0xC0000461
            Time Generated: 09/17/2019 00:36:44
            Event String: The format of the schedule attribute of the following object is unrecognizable.
        ......................... LL-AD1-VM failed test KccEvent
        ** Did not run Outbound Secure Channels test because /testdomain: was not entered
        [Replications Check,LL-AD1-VM] A recent replication attempt failed:
            From BT-AD1-VM to LL-AD1-VM
            Naming Context: DC=ForestDnsZones,DC=bml,DC=co,DC=mz
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2019-09-17 00:38:36.
            The last success occurred at 2019-07-28 10:30:33.
            4413 failures have occurred since the last success.
            The source remains down. Please check the machine.
        [Replications Check,LL-AD1-VM] A recent replication attempt failed:
            From BT-AD1-VM to LL-AD1-VM
            Naming Context: DC=DomainDnsZones,DC=bml,DC=co,DC=mz
            The replication generated an error (8524):
            The DSA operation is unable to proceed because of a DNS lookup failure.
            The failure occurred at 2019-09-17 00:37:23.
            The last success occurred at 2019-07-28 10:30:33.
            4405 failures have occurred since the last success.
            The guid-based DNS name c689e3bf-94c5-4bc0-b2ac-c971784abd17._msdcs.bml.co.mz
            is not registered on one or more DNS servers.
        [Replications Check,LL-AD1-VM] A recent replication attempt failed:
            From BT-AD1-VM to LL-AD1-VM
            Naming Context: CN=Schema,CN=Configuration,DC=bml,DC=co,DC=mz
            The replication generated an error (8524):
            The DSA operation is unable to proceed because of a DNS lookup failure.
            The failure occurred at 2019-09-17 00:36:42.
            The last success occurred at 2019-07-28 10:30:33.
            4402 failures have occurred since the last success.
            The guid-based DNS name c689e3bf-94c5-4bc0-b2ac-c971784abd17._msdcs.bml.co.mz
            is not registered on one or more DNS servers.
        [Replications Check,LL-AD1-VM] A recent replication attempt failed:
            From BT-AD1-VM to LL-AD1-VM
            Naming Context: CN=Configuration,DC=bml,DC=co,DC=mz
            The replication generated an error (8524):
            The DSA operation is unable to proceed because of a DNS lookup failure.
            The failure occurred at 2019-09-17 00:35:24.
            The last success occurred at 2019-07-28 10:30:33.
            4404 failures have occurred since the last success.
            The guid-based DNS name c689e3bf-94c5-4bc0-b2ac-c971784abd17._msdcs.bml.co.mz
            is not registered on one or more DNS servers.
        [Replications Check,LL-AD1-VM] A recent replication attempt failed:
            From BT-AD1-VM to LL-AD1-VM
            Naming Context: DC=bml,DC=co,DC=mz
            The replication generated an error (8524):
            The DSA operation is unable to proceed because of a DNS lookup failure.
            The failure occurred at 2019-09-17 00:34:25.
            The last success occurred at 2019-07-28 10:30:33.
            4404 failures have occurred since the last success.
            The guid-based DNS name c689e3bf-94c5-4bc0-b2ac-c971784abd17._msdcs.bml.co.mz
            is not registered on one or more DNS servers.
        ......................... LL-AD1-VM failed test Replications
        The DS has corrupt data: rIDPreviousAllocationPool value is not valid
        ......................... LL-AD1-VM failed test RidManager
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:06:36
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:11:56
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x0000410B
            Time Generated: 09/17/2019 00:12:46
            Event String:
            The request for a new account-identifier pool failed. The operation will be retried until the request succeeds. The error is
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:14:20
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:14:28
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:14:43
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:14:50
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:15:43
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:15:46
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x40000004
            Time Generated: 09/17/2019 00:24:48
            Event String:
            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ll-ad1-vm$. The target name used was BML\BT-AD1-VM$. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (bml.co.mz) is different from the client domain (bml.co.mz), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:31:33
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0xC0003A9D
            Time Generated: 09/17/2019 00:31:39
            Event String:
            Unable to bind to the underlying transport for 102.70.32.111:443. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
        An error event occurred. EventID: 0x000010CE
            Time Generated: 09/17/2019 00:31:39
            Event String: IP-HTTPS server has failed to start with the following error: 0x4BE.
        An error event occurred. EventID: 0x00002710
            Time Generated: 09/17/2019 00:31:59
            Event String: Unable to start a DCOM Server: {9C38ED61-D565-4728-AEEE-C80952F0ECDE}. The error:
        An error event occurred. EventID: 0x00002710
            Time Generated: 09/17/2019 00:31:59
            Event String: Unable to start a DCOM Server: {9C38ED61-D565-4728-AEEE-C80952F0ECDE}. The error:
        An error event occurred. EventID: 0x0000410B
            Time Generated: 09/17/2019 00:32:14
            Event String:
            The request for a new account-identifier pool failed. The operation will be retried until the request succeeds. The error is
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:32:44
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.pdc._msdcs.bml.co.mz. 600 IN SRV 0 100 389 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x00000423
            Time Generated: 09/17/2019 00:32:49
            Event String: The DHCP service failed to see a directory server for authorization.
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:32:50
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.gc._msdcs.bml.co.mz. 600 IN SRV 0 100 3268 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:33:37
            Event String:
            The dynamic registration of the DNS record '_kerberos._tcp.bml.co.mz. 600 IN SRV 0 100 88 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:33:42
            Event String:
            The dynamic registration of the DNS record '_gc._tcp.bml.co.mz. 600 IN SRV 0 100 3268 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:34:25
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.DomainDnsZones.bml.co.mz. 600 IN SRV 0 100 389 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:34:30
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.ForestDnsZones.bml.co.mz. 600 IN SRV 0 100 389 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:34:35
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.BML._sites.bml.co.mz. 600 IN SRV 0 100 389 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:34:39
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.BML._sites.gc._msdcs.bml.co.mz. 600 IN SRV 0 100 3268 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:34:44
            Event String:
            The dynamic registration of the DNS record '_kerberos._tcp.BML._sites.dc._msdcs.bml.co.mz. 600 IN SRV 0 100 88 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:34:49
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.BML._sites.dc._msdcs.bml.co.mz. 600 IN SRV 0 100 389 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:34:53
            Event String:
            The dynamic registration of the DNS record '_kerberos._tcp.BML._sites.bml.co.mz. 600 IN SRV 0 100 88 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:34:59
            Event String:
            The dynamic registration of the DNS record '_gc._tcp.BML._sites.bml.co.mz. 600 IN SRV 0 100 3268 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:35:04
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.BML._sites.DomainDnsZones.bml.co.mz. 600 IN SRV 0 100 389 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:35:08
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.BML._sites.ForestDnsZones.bml.co.mz. 600 IN SRV 0 100 389 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:35:13
            Event String:
            The dynamic registration of the DNS record 'bml.co.mz. 600 IN AAAA fd65:5157:df80:3333::1' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:35:17
            Event String:
            The dynamic registration of the DNS record 'gc._msdcs.bml.co.mz. 600 IN AAAA fd65:5157:df80:3333::1' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:35:22
            Event String:
            The dynamic registration of the DNS record 'DomainDnsZones.bml.co.mz. 600 IN AAAA fd65:5157:df80:3333::1' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:35:27
            Event String:
            The dynamic registration of the DNS record 'ForestDnsZones.bml.co.mz. 600 IN AAAA fd65:5157:df80:3333::1' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:35:31
            Event String:
            The dynamic registration of the DNS record 'bml.co.mz. 600 IN A 10.10.1.10' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:35:35
            Event String:
            The dynamic registration of the DNS record 'gc._msdcs.bml.co.mz. 600 IN A 10.10.1.10' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:36:19
            Event String:
            The dynamic registration of the DNS record 'DomainDnsZones.bml.co.mz. 600 IN A 10.10.1.10' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:36:24
            Event String:
            The dynamic registration of the DNS record 'ForestDnsZones.bml.co.mz. 600 IN A 10.10.1.10' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:36:28
            Event String:
            The dynamic registration of the DNS record 'bml.co.mz. 600 IN A 172.16.1.11' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:36:33
            Event String:
            The dynamic registration of the DNS record 'gc._msdcs.bml.co.mz. 600 IN A 172.16.1.11' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:36:37
            Event String:
            The dynamic registration of the DNS record 'DomainDnsZones.bml.co.mz. 600 IN A 172.16.1.11' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:36:43
            Event String:
            The dynamic registration of the DNS record 'ForestDnsZones.bml.co.mz. 600 IN A 172.16.1.11' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:36:54
            Event String:
            The dynamic registration of the DNS record 'fd8aeb34-9467-4c03-8464-7ba9e71c5daf._msdcs.bml.co.mz. 600 IN CNAME LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x0000168E
            Time Generated: 09/17/2019 00:37:43
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.bml.co.mz. 600 IN SRV 0 100 389 LL-AD1-VM.bml.co.mz.' failed on the following DNS server:
        An error event occurred. EventID: 0x00004102
            Time Generated: 09/17/2019 00:41:34
            Event String:
            The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
        An error event occurred. EventID: 0x40000004
            Time Generated: 09/17/2019 00:42:02
            Event String:
            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ll-ad1-vm$. The target name used was ldap/BT-AD1-VM.bml.co.mz. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (bml.co.mz) is different from the client domain (bml.co.mz), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
        An error event occurred. EventID: 0x40000004
            Time Generated: 09/17/2019 00:42:07
            Event String:
            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ll-ad1-vm$. The target name used was cifs/BT-AD1-VM.bml.co.mz. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (bml.co.mz) is different from the client domain (bml.co.mz), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
        An error event occurred. EventID: 0x40000004
            Time Generated: 09/17/2019 00:42:09
            Event String:
            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ll-ad1-vm$. The target name used was cifs/BT-AD1-VM. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (bml.co.mz) is different from the client domain (bml.co.mz), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
        An error event occurred. EventID: 0x40000004
            Time Generated: 09/17/2019 00:42:52
            Event String:
            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ll-ad1-vm$. The target name used was LDAP/c689e3bf-94c5-4bc0-b2ac-c971784abd17._msdcs.bml.co.mz. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (bml.co.mz) is different from the client domain (bml.co.mz), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
        An error event occurred. EventID: 0x40000004
            Time Generated: 09/17/2019 00:43:08
            Event String:
            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ll-ad1-vm$. The target name used was BML\BT-AD1-VM$. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (bml.co.mz) is different from the client domain (bml.co.mz), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
        ......................... LL-AD1-VM failed test SystemLog
                  ......................... BT-AD1-VM failed test DNS
        Test results for domain controllers:

            DC: LL-AD1-VM.bml.co.mz
            Domain: bml.co.mz

              TEST: Basic (Basc)
                  No host records (A or AAAA) were found for this DC

              TEST: Forwarders/Root hints (Forw)
                  Error: All forwarders in the forwarder list are invalid.

            DC: BT-AD1-VM.bml.co.mz
            Domain: bml.co.mz

              TEST: Authentication (Auth)
                  Error: Authentication failed with specified credentials

              TEST: Basic (Basc)
                  Error: No LDAP connectivity
                  Error: No WMI connectivity
                  No host records (A or AAAA) were found for this DC

        Summary of DNS test results:

                                            Auth Basc Forw Del Dyn RReg Ext
            _________________________________________________________________
            Domain: bml.co.mz
              LL-AD1-VM                   PASS FAIL FAIL PASS WARN WARN n/a
              BT-AD1-VM                   FAIL FAIL n/a n/a n/a n/a n/a

        ......................... bml.co.mz failed test DNS
        Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
        A Time Server could not be located.
        The server holding the PDC role is down.
        Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
        A Good Time Server could not be located.
        ......................... bml.co.mz failed test LocatorCheck
        Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
        A Time Server could not be located.
        The server holding the PDC role is down.
        Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
        A Good Time Server could not be located.
        ......................... bml.co.mz failed test FsmoCheck

Was this post helpful? thumb_up thumb_down

EminentX

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

habanero

Active Directory & GPO Expert

• check 91 Best Answers
• thumb_up 247 Helpful Votes
• format_list_bulleted 3 How-tos

Have you done Metadata Cleanup on the current server? Seems like the old DC's metadata is remained on the server, The server is trying to replicate with it but couldn't find it.
https://community.spiceworks.com/how_to/132621-how-to-perform-metadata-cleanup-in-active-directory

1 found this helpful thumb_up thumb_down

JohnLF

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

chipotle

Why is the old server not available?  Have you removed it without demoting it and removing AD first?

If you can get it back online and then remove it properly - and please read up on how to remove a AD server properly before attempting this.

Was this post helpful? thumb_up thumb_down

Dear  EminentX,

Thanks you very much for Quick response  My Issue is Resolved now Successfully 

i have done the meda cleanup

1 found this helpful thumb_up thumb_down

EminentX

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

habanero

Active Directory & GPO Expert

• check 91 Best Answers
• thumb_up 247 Helpful Votes
• format_list_bulleted 3 How-tos

Very glad you got it resolved. I will appreciate if you mark my post as Answer. Thanks

0 of 1 found this helpful thumb_up thumb_down

How should i mark post Answer?

Was this post helpful? thumb_up thumb_down

EminentX

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

habanero

Active Directory & GPO Expert

• check 91 Best Answers
• thumb_up 247 Helpful Votes
• format_list_bulleted 3 How-tos

Manage -> Mark Best Answer

Was this post helpful? thumb_up thumb_down

How do I fix my database security?

How do you fix no trust relationship between workstation and domain?

How do I add a computer to a domain?

What is 0xC000018B?