Return
-
Title
The specified domain either does not exist or could not be contacted -
Description
A managed domains appear unavailable in the Active Roles MMC Console:
NOTE: The domain may be available in Active Directory Users and Computers (ADUC).
-
Resolution
WORKAROUND 1
Please ensure:1.- The Domain Controller used by the ARS service is pingable.
2.- Telnet from affected ARS server to DC port 135 and 389 is successful.
3.- Run NSLOOKUP to diagnose Domain Name System (DNS) infrastructure (each line is a separate command, substitute the problem domain name for domain.local):
NSLOOKUP
set type=all
_ldap._tcp.dc._msdcs.domain.local
WORKAROUND 2Ensure the Administration Services added to the affected managed domain are set to the correct AD site or pointing to an available/correct Domain Controller. If a change is required here, the Active Roles Service will need to be re-started:
WORKAROUND 3
If after following WORKAROUND 1 and WORKAROUND 2 the issue still persists, and the DS.log shows error 8000500D which means the directory property cannot be found in the cache for some reason, then follow below steps:1. Enable the Active Roles Administration service Verbose LoggingNote: Please rename any existing DS.log file so that a new DS.log file is recreated2. Close the Active Roles MMC Console3. Stop Quest Active Roles Administration Service4. Clear ADSI Provider schema cache: go to C:\ProgramData\One Identity\Active Roles\ADSI and delete all Files5. Start the Active Roles Service6. Open the Active Roles Administration MMC console and confirm the issue has been resolved
7. If the issue still occurs, raise a new service request with support and provide the new set of logs
NOTE: Disable Verbose logging once logs have been provided to avoid running out of hard drive space.