This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 21%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
Hi,
I am having an issue with my domain controller. Recently successfully migrated my Windows Server 2008 (which holds DNS and DHCP roles). DCPROMO demotion failed so I had to manually remove the old DC, did the metadata cleanup, and disconnected it from the network. I also, assigned the static ip address of the old server to new server. FSMO was transferred successfully. DNS and DHCP seems to be working, I can ping my domain controller from the device I want to join.
Dsdiag /test:dns passed successfully
The users can’t login to their accounts (“We can’t sign you with this credential because your domain isn’t available…”). I can’t join new devices to the domain ("network path was not found")
Also, as a domain admin user I can login/logoff to devices but it takes too long to do so.
In the event viewer could not see any recent errors.
Any help would be appreciated. Thanks.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi,
Welcome to share your current situation if there are any updates.
Please feel free to let us know if you need further assistance.
Best Regards,
I am still having the issue with adding new devices/users to domain controller.
Please run;
Dcdiag /v /c /d /e /s:%computername% >c:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt
ipconfig /all > C:\problemworkstation.txt
then put unzipped text files up on OneDrive and share a link.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 16%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHX%3C/text%3E%3C/svg%3E)
Hello,
Thank you so much for posting here.
To further troubleshoot, we need to check whether our AD environment is healthy. We could run the commands as Dave mentioned to check if all DCs work fine and if AD replication works properly.
Looking forward to your feedback. Thanks so much.
Best regards,
Hannah Xiong
Looks Ok, I'd check that the domain controller and problem members both got the Domain network firewall profiles. If not try restarting the Network Location Awareness (NlaSvc)
--please don't forget to Accept as answer if the reply is helpful--
Hello,
Thank you so much for your kindly reply.
There is only one DC, right? And now we could not join new devices to the domain, right?
Have we checked the C:\Windows\Debug\Netsetup.log on the devices?
Best regards,
Hannah Xiong
Hello,
I am checking how the issue is going, if you still have any questions, please feel free to contact us.
Thank you so much for your time and support.
Best regards,
Hannah Xiong
I'm not sure, but I think you might have a subnetting issue. From the logs you provided, the client machine is in subnet 255.255.252.0 which is a Class B Subnet, which would provide the following IP range:
191.168.0.1 - 191.168.3.254
Your client is within this range, as is your DC, but the DC has a different subnet.
Your DC is 255.255.255.0 which is a Class C Subnet, which gives only the following IP range:
192.168.1.1 - 192.168.1.254
Your client is not in this range, so it might be why it is getting the errors that you are seeing.
Have you tried to change the subnet for the DC to match the subnet for the clients? 255.255.252.0 and see if that allows them to communicate with one another?
Hope this helps....
Edward