Question : How to fix my dcdiag errors?

Hi guys,

Here is the situation, i am working in an AD forest composed of two domains:
The root acme.local
and the child corp.acme.local

I have been running a dcdiag from corp domain to check the health of the AD and here are the results:
As you may notice there are a lot of errors coming from hoat remrootdc04, that server is located in the root domain and seems to have issues communicating with the child (there is a ywo-way transitive trusts setup)

The host f3f6b94e-75c1-4cb6-8762-d828a8b58fa0._msdcs.acme.local could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name

         (f3f6b94e-75c1-4cb6-8762-d828a8b58fa0._msdcs.acme.local)

         couldn't be resolved, the server name (REMROOTDC03.acme.local)

         resolved to the IP address (10.1.1.2) and was pingable.  Check that

         the IP address is registered correctly with the DNS server.
         ......................... REMROOTDC03 failed test Connectivity
         The host cc79eb36-3f81-473d-8a81-4a737ec40dd6._msdcs.acme.local could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name

         (cc79eb36-3f81-473d-8a81-4a737ec40dd6._msdcs.acme.local)

         couldn't be resolved, the server name (REMROOTDC04.acme.local)

         resolved to the IP address (10.1.1.21) and was pingable.  Check that

         the IP address is registered correctly with the DNS server.
         ......................... REMROOTDC04 failed test Connectivity
         [REMROOTDC03] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         [REMROOTDC03] LDAP search failed with error 58,
         The specified server cannot perform the requested operation..
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... REMCORPDC01 failed test KnowsOfRoleHolders
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... USMINSV03 failed test KnowsOfRoleHolders
         [Replications Check,REMCORPDC03] A recent replication attempt failed:
            From REMROOTDC04 to REMCORPDC03
            Naming Context: DC=ForestDnsZones,DC=acme,DC=local
            The replication generated an error (1256):
            The remote system is not available. For information about network troubleshooting, see Windows Help.
            The failure occurred at 2007-05-09 13:52:46.
            The last success occurred at 2007-05-08 23:58:01.
            16 failures have occurred since the last success.
         [Replications Check,REMCORPDC03] A recent replication attempt failed:
            From REMROOTDC04 to REMCORPDC03
            Naming Context: CN=Schema,CN=Configuration,DC=acme,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2007-05-09 13:52:46.
            The last success occurred at 2007-05-08 23:57:04.
            16 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,REMCORPDC03] A recent replication attempt failed:
            From REMROOTDC04 to REMCORPDC03
            Naming Context: CN=Configuration,DC=acme,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2007-05-09 13:52:46.
            The last success occurred at 2007-05-09 00:50:28.
            116 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... REMCORPDC03 failed test KnowsOfRoleHolders
         An Warning Event occured.  EventID: 0x80000785
            Time Generated: 05/09/2007   13:43:47
            Event String: The attempt to establish a replication link for

         An Warning Event occured.  EventID: 0x80000785
            Time Generated: 05/09/2007   13:43:47
            Event String: The attempt to establish a replication link for

         An Warning Event occured.  EventID: 0x80000785
            Time Generated: 05/09/2007   13:43:47
            Event String: The attempt to establish a replication link for

         ......................... REMCORPDC03 failed test kccevent
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... SACAPSV05 failed test KnowsOfRoleHolders
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... NLAMSDC01 failed test KnowsOfRoleHolders
         An Error Event occured.  EventID: 0xC0002719
            Time Generated: 05/09/2007   12:59:23
            (Event String could not be retrieved)
         ......................... NLAMSDC01 failed test systemlog
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... FRPARSV04 failed test KnowsOfRoleHolders
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... JPTOKSV03 failed test KnowsOfRoleHolders
         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems.
         ......................... JPTOKSV03 failed test frsevent
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... KRSEOSV02 failed test KnowsOfRoleHolders
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... CATORSV06 failed test KnowsOfRoleHolders
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: REMROOTDC03 is the Domain Owner, but is not responding to LDAP Bind.
         ......................... SGSNGSV03 failed test KnowsOfRoleHolders
         ......................... ForestDnsZones failed test CrossRefValidation
         ......................... ForestDnsZones failed test CheckSDRefDom
         ......................... DomainDnsZones failed test CrossRefValidation
         ......................... DomainDnsZones failed test CheckSDRefDom
         ......................... Schema failed test CrossRefValidation
         ......................... Configuration failed test CrossRefValidation
         ......................... remarkgroup failed test CrossRefValidation
         ......................... DomainDnsZones failed test CrossRefValidation
         ......................... DomainDnsZones failed test CheckSDRefDom
         ......................... corp failed test CrossRefValidation
            Remote bridgehead Hub\REMROOTDC03 also couldn't be contacted by

            dcdiag.  Check this server.
            ***Error: The remote site Seoul, has no servers that can act as

            bridgeheads between the Seoul and the local site Singapore for the

            writeable NC DomainDnsZones.  Replication will not continue until

            this is resolved.
            ***Error: The remote site Seoul, has no servers that can act as

            bridgeheads between the Seoul and the local site Singapore for the

            writeable NC acme.  Replication will not continue until this

            is resolved.
            ***Error: The remote site Hub, has no servers that can act as

            bridgeheads between the Hub and the local site Singapore for the

            writeable NC DomainDnsZones.  Replication will not continue until

            this is resolved.
            ***Error: The remote site Hub, has no servers that can act as

            bridgeheads between the Hub and the local site Singapore for the

            writeable NC acme.  Replication will not continue until this

            is resolved.
            Remote bridgehead Hub\REMROOTDC03 also couldn't be contacted by

            dcdiag.  Check this server.
           
            [REMROOTDC04] LDAP search failed with error 58,
            The specified server cannot perform the requested operation..
            [REMROOTDC04] DsBindWithSpnEx() failed with error 1722,
            The RPC server is unavailable..
            Remote bridgehead Hub\REMROOTDC04 also couldn't be contacted by

            dcdiag.  Check this server.


Any help appreciated.

Thanks in advance.
Remarkit

Answer : How to fix my dcdiag errors?

One last question: If you would try to create stub zone for acme.local on child domain DNS do you receive an error? What is it?

I'm trying to simulate your environment with virtual machines, but I find it diffiicult (but not impossible). I will get back to you.