This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 99%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOL%3C/text%3E%3C/svg%3E)
Hi there,
We have two DCs. One installed in the office DC1 (192.168.20.21) and the other in the cloud MainDC (172.31.32.40).
ipcpnfig DC1:
Windows IP Configuration
Host Name . . . . . . . . . . . . : DC1
Primary Dns Suffix . . . . . . . : domain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.local
PPP adapter RAS (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RAS (Dial In) Interfac
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.20.60(Preferre
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter NIC1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gig
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . :
IPv4 Address. . . . . . . . . . . : 192.168.20.21(Preferre
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.20.1
DHCPv6 IAID . . . . . . . . . . . : 315105126
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-28-C8-6F-C
DNS Servers . . . . . . . . . . . : 172.31.32.40
192.168.20.21
NetBIOS over Tcpip. . . . . . . . : Enabled
Ipconfig DC2:
Windows IP Configuration
Host Name . . . . . . . . . . . . : MainDC
Primary Dns Suffix . . . . . . . : domain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.local
Ethernet adapter Ethernet 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : AWS PV Network Device #
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . :
IPv4 Address. . . . . . . . . . . : 172.31.32.40(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.31.32.1
DHCPv6 IAID . . . . . . . . . . . : 319697556
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-26-FC-B5-3D
DNS Servers . . . . . . . . . . . : 192.168.20.21
172.31.32.40
NetBIOS over Tcpip. . . . . . . . : Enabled
On DC1 we received every 15 min Error 4015: "The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error."
From MainDC Error 4015 AND 4004: "The DNS server was unable to complete directory service enumeration of zone TrustAnchors. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error."
Replication is currently working fine. All data is mirrored. Ping passed between DCs. But nslookup result:
From MainDC:
Server: UnKnown
Address: 192.168.20.21
Name: domain
Addresses: 172.31.32.40
192.168.20.21
From DC1:
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 172.31.32.40
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
Please advise what I missed in configuration and how to fix this issue. Thank you!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Multi-homing a domain controller will always cause no end to grief for active directory DNS. Install the RRAS roles on it's own instance of windows.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
Hi,
Thanks for you reply. As is it only one recommendation and we also thinking before about transferring RRAS to another servers. So, yes, we will try and it's require a time, of course.
Sounds good, please don't forget to close up the thread by 
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
this process is not short. I'll push update as soon as we can do this.
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
Hi there,
The DNS Server service relies on Active Directory Domain Services (AD DS) to store and retrieve information for AD DS-integrated zones.
This error indicates that AD DS is not responding to requests from the DNS Server service. Ensure that AD DS is functioning properly, troubleshoot any problems, and then restart the DNS Server service.
You can follow the troubleshooting steps from the below article and see if that helps you
Event ID 4015 — DNS Server Active Directory Integration https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc735674(v=ws.10)?redirectedfrom=MSDN
------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept it as an answer–
The DNS service has been rebooted many times as well as the servers in general, it does not help.