Server 2003 Replication Errors
Here is a long story made...well not as long. I have a backup DC at a remote location having replication issues preventing people from logging in due to AD validation issues based off said replication errors. It is a VM server using dual NICs, one for external traffic and one for internal communication within the VM host. I have several entries in the Event Viewer including Event ID 1311 which seems to indicate an issue with the bridgehead controller and the site links. All other DCs within the domain function properly. I also believe the issue might be related to the DNS. When I ping the hostname it resolves to the VM Host IP but not the machine itself. When I do an NSLookup on the hostname it properly displays the machine IP address. When a co-worker pings the same hostname it resolves to the internal 192 address as opposed to the external address. Route prints show the same route for the host and the VM server; I personally question if this is right. Based on what I know about the resolution of routes, the VM should have a dedicated NIC to that machine which would mean the MAC address table should reflect a different route. I might be wrong on that.
July 17th, 2012 1:30pm
A dcdiag shows latency warnings and KCC errors.
July 17th, 2012 5:21pm
Run netdiag /fix on both servers.
July 19th, 2012 1:07pm
Hello,
You should know that a multi-homed domain controller is not a best practice and what you described are the symptoms of running domain controllers with two NICs. In this scenario, network adapters on the multihomed domain controllers are registering both the inside and outside Internet Protocol (IP) addresses with the DNS server. DNS name resolution lookup requests return records in a "round robin" fashion, alternating the internal and external IP addresses. Replication operations require multiple lookup requests of SRV records. In this case, half of the DNS lookup requests return an IP address that cannot be contacted, and the replication operation fails.
Look here for solution -
Active Directory communication fails on multihomed domain controllers
http://support.microsoft.com/kb/272294
Also see this thread - http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/a1583d7f-fa59-4497-89de-666d683e53a0/
Sachin Gadhave
MCP, MCSA, MCTS
July 19th, 2012 2:49pm
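A way to check for the condition described in the reply above, added here as an example and not part of the original thread: the script flags domain controllers whose DNS A records include an address outside the networks that replication partners can reach, and reports the share of round-robin answers that would point at such an address. The host names, addresses and the `REPLICATION_NETS` value are constructed assumptions.

```python
import ipaddress
import socket

# Constructed sample data: A records as a DNS zone might hold them for two DCs.
SAMPLE_A_RECORDS = {
    "dc1.corp.example": ["10.1.0.10"],
    # Multihomed DC: the second NIC (VM-host-only network) also registered itself.
    "dc2.corp.example": ["10.2.0.10", "192.168.122.5"],
}

# Assumption: networks that are routable between all replication partners.
REPLICATION_NETS = ["10.0.0.0/8"]


def audit_records(records, routable_nets):
    """Return {host: details} for hosts with A records outside routable_nets.

    miss_ratio is the fraction of round-robin answers that would hand a
    replication partner an address it cannot contact.
    """
    nets = [ipaddress.ip_network(n) for n in routable_nets]
    findings = {}
    for host, addrs in records.items():
        unroutable = [
            a for a in addrs
            if not any(ipaddress.ip_address(a) in n for n in nets)
        ]
        if unroutable:
            findings[host] = {
                "unroutable": unroutable,
                "miss_ratio": len(unroutable) / len(addrs),
            }
    return findings


def resolve_all(host):
    """Live lookup: every IPv4 address the local resolver returns for host."""
    infos = socket.getaddrinfo(host, None, socket.AF_INET)
    return sorted({info[4][0] for info in infos})


if __name__ == "__main__":
    for host, detail in audit_records(SAMPLE_A_RECORDS, REPLICATION_NETS).items():
        print(f"{host}: unreachable A records {detail['unroutable']}, "
              f"{detail['miss_ratio']:.0%} of lookups affected")
```

To audit live data, build the `records` dictionary by calling `resolve_all()` for each domain controller name from a machine that uses the domain's DNS servers.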


