JSI Tip 6117. Active Directory replication fails when a DNS lookup is NOT successful?

When you use Active Directory Sites and Service to replicate changes between replica partners, you receive:

The following error occurred during the attempt to synchronize the domain controllers:
The naming context is in the process of being removed or is not replicated from the specified server.

You receive a System event log entry similar to:

Event ID: 1265
Source: NTDS KCC
Type: Warning
Category: Knowledge Consistency
The attempt to establish a replication link with parameters
Partition: DC=yourinfo,DC=yourinfo,DC=yourinfo,DC=com Source DSA DN: CN=NTDS Settings,CN=NT5-PCI-20,CN=Servers,CN=GSCIntranet,CN=Sites,CN=Configuration,DC=child,DC=yourdomain,DC=com
Source DSA Address: .
Inter-site Transport (if any): failed with the following status:
The DSA operation is unable to proceed because of a DNS lookup failure. The record data is the status code. This operation will be retried.

This problem will occur if the DNS database does NOT have a SRV resource record for ..

To fix the problem:

1. Open a CMD prompt.

2. ping .. If the Packet InterNet Groper could NOT find the host, the DNS database does NOT have a SRV resource record for ..

3. Open Administrative Tools / DNS and expand the DNS server.

4. Expand Forward Lookup Zones.

5. Right-click each zone and press Properties.

6. Set Allow dynamic updates to Yes or Only secure updates.

7. Press OK.

8. Open a CMD prompt on your DNS server and type net stop dns followed by net start dns.

9. Open a CMD prompt on your and type net stop netlogon followed by net start netlogon.

NOTE: See How do I setup the Domain Name System for Active Directory?