This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 15%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
When trying to PrepareSchema for exchange 2019 we are getting an error
[09/13/2022 01:36:39.0440] [1] 0. ErrorRecord: Microsoft.Exchange.Configuration.Tasks.TaskException: There was an error while running 'ldifde.exe' to import the schema file 'C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema0.ldf'. The error code is: 8224. More details can be found in the error file: 'C:\Users\adm\AppData\Local\Temp\2\ldif.err'
ldif.err
Entry DN: CN=ms-Exch-ELC-Expiry-Action,CN=Schema,CN=Configuration,DC=corp,DC=local
Add error on entry starting on line 1: Operations Error
The server side error is: 0x21a2 The FSMO role ownership could not be verified because its directory partition has not replicated successfully with at least one replication partner.
The extended server error is:
000021A2: SvcErr: DSID-030A0B6B, problem 5012 (DIR_ERROR), data 8610
An error has occurred in the program
Domain and forest level are 2012 R2
When running repadmin /syncall /AdeP
All partitions are showing
CALLBACK MESSAGE: SyncAll Finished.
SyncAll terminated with no errors.
Dcdiag
dcdiag error
Starting test: Replications
[Replications Check,DC1] A recent replication attempt failed:
From DC2 to DC1
Naming Context: DC=ForestDnsZones,DC=corp,DC=local
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2022-09-12 21:28:48.
The last success occurred at 2022-09-12 20:11:59.
1 failures have occurred since the last success.
The guid-based DNS name
f61504e0-520f-4f8d-b4ac-cf613a66ff48._msdcs.corp.local
is not registered on one or more DNS servers.
[Replications Check,DC1] A recent replication attempt failed:
From DC2 to DC1
Naming Context: DC=DomainDnsZones,DC=corp,DC=local
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 80%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAL%3C/text%3E%3C/svg%3E)
Hi,
I am currently doing some research on this issue and will inform you as soon as possible.
Please be patient for a while…
REPADMIN /REPLSUM
Replication Summary Start Time: 2022-09-13 21:58:12
Beginning data collection for replication summary, this may take awhile:
Source DSA largest delta fails/total %% error
DC1 01h:48m:29s 0 / 5 0
DC2 01h:49m:57s 5 / 5 100 (8524) The DSA operation is unable to proceed because of a DNS lookup failure.
Destination DSA largest delta fails/total %% error
DC1 01h:49m:57s 5 / 5 100 (8524) The DSA operation is unable to proceed because of a DNS lookup failure.
DC2 01h:48m:29s 0 / 5 0
Hi @nettech ,
Just checking in to see how things are going on with this thread.
If the reply was helpful, you can click the "Accept Answer" button under this post so that other's with similar question can benefit from this thread as well.
If you still have further questions or concerns, feel free to post back.
Make sure all Domain Controllers are reachable.
Remove any orphaned domain controllers.
Try running on the domain controller itself, holding the schema master.
Yes, both DC1 and DC2 are reachable, we don't have any orphaned DCs.
I can only run schema update on the domain controller holding the schema master role as the DC that is located in the same site with exchange server does not hold any of the FISMO roles
Hi @nettech ,
According to the error code 8224, it indicates the main cause is a replication issue with the domain controllers in the environment.
Please refer to the following methods to check whether there are any domain controllers in your environment that are offline or deactivated:
1.Open “Active Directory Sites and Services” , expand all the sites and look at the server names .
2.Check whether there are any old DCs in the list.
3.Delete all the stale Domain Controllers
4.Delete stale Name Servers from DNS properties
5.Reboot all DC's in the site
Finally, try running Prepareschema command on Exchange Server again to see if the error is changed.
In addition , I also search for an official documentation about the error id 8524. It can also be caused by an expired DC or an expired NTDS. You could refer to the following links for troubleshooting:
Active Directory Replication fails with Win32 error 8524 - Windows Server | Microsoft Learn
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
We don’t have any old DCs in our AD sites and services.
We have 2 DCs and they are in different sites.
There is no stale DCs
Both DCs have been rebooted and have no connectivity problems
I can’t run Prepareschema on the exchange as it’s located in the site with DC that does not hold any of the FISMO roles.
f61504e0-520f-4f8d-b4ac-cf613a66ff48._msdcs.corp.local is pingable from both DCs
Hi,
Please use the following command line to check for FSMO roles in another DC:
netdom query fsmo
Then you could refer to the following link to move FSMO roles to another DC you need:
Powershell: Move (Transfering or Seizing) FSMO Roles to Another Domain Controller - TechNet Articles - United States (English) - TechNet Wiki (microsoft.com)
Alternatively ,you could prepare in the DC that has roles and wait for AD copy completed. Then try installing Exchange Server again to see if the issue persists.