This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 4%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBC%3C/text%3E%3C/svg%3E)
I have 2 Server 2019 Domain controllers. AD01 and AD02. AD01 has all FSMO roles.
Have been in the process of eliminating 2 Server 2012 DC's
In Event ID 5012, Error 9026 on AD01 I see the following
//////////////////////////////
The DFS Replication service failed to communicate with partner AD01 for replication group Domain System Volume. The partner did not recognize the connection or the replication group configuration.
Partner DNS Address: AD01.domain.org
Optional data if available:
Partner WINS Address: AD01
Partner IP Address: ::1
/////////////////////////////////
I believe that the ip address being shown is incorrect and that it should be 10.5.5.4.
It seems like that the incorrect " Partner IP Address: ::1 " is IPV6 related. So while I mention that, I do want to say that IPV6 has been disabled. I don't understand how or where " ::1 " is being picked up from.
AD02 DFS Replication logs look clean without errors.
In DNS and was resolving the correct IP address 10.5.5.4 along with with the " ::1 " address and saw this and didn't think anything of this. After i started to see EVENT ID 5012 with the " ::1 " addressing for AD01, I when back through DNS and eliminated all the " ::1 " instances leaving just 10.5.5.4 for AD01. The hope was that " Partner IP Address: ::1 " would change to Partner IP Address: 10.5.5.4
Does anyone have any ideas where " ::1 " is coming from?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
You could also try a non authoritative sync
https://support.microsoft.com/en-us/help/2218556/how-to-force-an-authoritative-and-non-authoritative-synchronization-fo
or simply demote, reboot, promo again the problematic one.
--please don't forget to upvote and Accept as answer if the reply is helpful--
While I tried to follow your suggestion non authoritative sync, I must have missed something.
Had I done this correctly the first time, I would not have needed to demote a good DC
using this video, I was able to get this figured out.
@Anonymous was correct about doing a non authoritative sync.
Had I done it correctly to begin with I would not have needed to demote an otherwise perfectly good DC.
The video in following link helped me through.
Fix SYSVOL and Domain Controller Replication | Active Directory DFSR Issues Resolved
Does anyone have any ideas where " ::1 " is coming from?
IPv6 loopback address
I'd check that each domain controller has own static ip address plus loopback (127.0.0.1) listed for DNS and no others such as router or public DNS. Its also very important to verify domain health is 100% before adding new ones into the mix.
--please don't forget to upvote and Accept as answer if the reply is helpful--
The IPv6 loopback address gets dealt with when following @Anonymous recommendation for a non authoritative sync.
Glad to hear of success.
This happened after removing the old Server 2012 instance. DFS Replication was working fine prior to the removal.
So I verified the IPV4 IP address and loopback 127.0.0.1 as you suggested.
How do I stop the IPv6 loopback address? IPv6 is not enabled on these DC's
How do I stop the IPv6 loopback address? IPv6 is not enabled on these DC's
Not sure what is meant. It isn't recommended to alter IPv6 settings.
@Anonymous
I tried the non-authoritative sync as you suggested. That did not resolve the replication problem.
Another simple resolution may be to move roles off, demote, reboot, promo it again. While it is demoted it wouldn't hurt to confirm domain health was 100% before next steps.
--please don't forget to upvote and Accept as answer if the reply is helpful--
I ran DCDIAG before demoting last Server 2012 instance.. on all DC's and it came back clean on all 3 DC's...
So I've moved roles off and demoted. Will let you know about health shortly,
Sounds good, if you wanted me to take a look please run;
Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt
ipconfig /all > C:\dc3.txt
then put unzipped text files up on OneDrive and share a link.
s!Ak6vrK3A0r0ygaQMrT0XVXEle18_rw
Here is the link for files requested
AD01 was demoted yesterday. AD02 is the last standing DC in org.
Thanks....