Recently I was cleaning up our DNS system after adding new NICs to the server, and during this process I accidentally disabled the DNS service on IPv6 protocols. I am perfectly aware of the dangers of disabling IPv6 in recent Windows versions (2008 and up), but somehow I decided that DNS servers shouldn’t listen or respond on these addresses. This almost immediately led to an error like the one below:

PS C:\Windows\system32> repadmin /syncall
CALLBACK MESSAGE: Error contacting server ee56bf77-bed1-4c9e-9e7e-147c804e4482._msdcs.domain.local (network error): 1722 (0x6ba):
    The RPC server is unavailable.
CALLBACK MESSAGE: Error contacting server b01a3622-303d-4ac0-b293-556605b6a5cd._msdcs.domain.local (network error): 1722 (0x6ba):
    The RPC server is unavailable.

SyncAll exited with fatal Win32 error: 8440 (0x20f8):
    The naming context specified for this replication operation is invalid.

Replication of DNS entries was working but GPOs etc. had problems.

What I did was:

  1. Note the IPv6 addresses of the interfaces that should handle DNS requests on DNS servers and from DCs
  2. Make sure that IPv6 DNS for each interface that should be on the network has DNS registration enabled (for DCs and DNS at least)
  3. Enabled interfaces from #1 in the DNS Server properties on all servers so they handle DNS requests for IPv4 and IPv6

Now everything seems to work correctly, repadmin /syncall returns success. Happy days!
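
The three steps above can be checked with a read-only PowerShell audit on each DC/DNS server. This is an added example, not part of the original post; it assumes Windows Server 2012 or later (DnsServer, DnsClient and NetTCPIP modules) and treats an empty listen list as "listen on all addresses".

```powershell
# Added example: read-only audit of IPv6 DNS registration and DNS Server listen addresses.
# Assumption: run locally, elevated, on a server that has the DNS Server role installed.

# Normalise an address string (drop the %zone suffix, canonical textual form).
function ConvertTo-PlainAddress([string]$Address) {
    ([ipaddress](($Address -split '%')[0])).IPAddressToString
}

# Step 3: addresses the DNS Server service is configured to listen on.
# Assumption: an empty list means the service listens on every address.
$listen = @((Get-DnsServerSetting -All).ListeningIPAddress |
    Where-Object { $_ } |
    ForEach-Object { ConvertTo-PlainAddress $_ })

# Steps 1 and 2: every usable IPv6 address, with the DNS registration flag of its interface.
$report = Get-NetIPAddress -AddressFamily IPv6 |
    Where-Object { $_.IPAddress -ne '::1' -and $_.AddressState -eq 'Preferred' } |
    ForEach-Object {
        $addr   = ConvertTo-PlainAddress $_.IPAddress
        $client = Get-DnsClient -InterfaceIndex $_.InterfaceIndex -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Interface        = $_.InterfaceAlias
            IPv6Address      = $addr
            DnsRegistration  = [bool]$client.RegisterThisConnectionsAddress
            DnsServerListens = ($listen.Count -eq 0) -or ($listen -contains $addr)
        }
    }

$report | Format-Table -AutoSize

# Rows that still need attention: registration off, or the DNS server ignores the address.
$gaps = @($report | Where-Object { -not $_.DnsRegistration -or -not $_.DnsServerListens })
if ($gaps.Count -gt 0) {
    Write-Warning "$($gaps.Count) IPv6 address(es) are not registered in DNS or not served by the DNS server."
    # Registration can be re-enabled per interface, for example:
    #   Set-DnsClient -InterfaceAlias '<interface name>' -RegisterThisConnectionsAddress $true
    # Listen addresses are changed in the DNS Server properties, as in step 3.
} else {
    Write-Output 'All IPv6 addresses are registered and served; confirm with repadmin /syncall.'
}
```

Interfaces that are not meant to carry DNS traffic will also show up in the table, so compare the flagged rows against the list noted in step 1 before changing anything.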
