Cannot log in to a domain controller that did not replicate for too long, or a wrong DNS setting on the old replication partner prevents login

Recently I had a case of an IT team that upgraded the servers in one Windows Active Directory site and forgot all about the other site, which had been replicating the AD between the two domain controllers. On the first site they upgraded the DC and changed its IP and settings, but did not make sure replication was still in order. After a while it was impossible to log in, because the password no longer worked. What I did was access the forgotten DC server on the second site with PsExec from Sysinternals.

More information can be found here: https://www.itprotoday.com/compute-engines/psexec

You need to run cmd on the remote server:

psexec \\remote_DC cmd

Then change the DNS settings in order to regain access to the console. First make sure you are on the right console:

ipconfig /all

Now you can add the DNS server IPs to the right network card. First clear the current settings ("Local Area Connection" is the right network card in this example):

netsh dnsclient delete dnsserver "Local Area Connection" all

Add the right DNS server IP in the first place:

netsh dnsclient add dnsserver "Local Area Connection" xx.xx.xx.xx index=1

Then the second DNS server:

netsh dnsclient add dnsserver "Local Area Connection" xx.xx.xx.xx index=2

Now flush the resolver cache and re-register the DC's own DNS records:

ipconfig /flushdns & ipconfig /registerdns
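The same repair, written as a PowerShell script with the verification steps I would want before trying to log in again. This is an added example, not part of the original post: the adapter name and the two DNS server addresses are placeholders you must replace, and it assumes it runs in an elevated prompt on the stranded DC (for instance through the PsExec session above). After the DNS change it checks that the domain's SRV locator records actually resolve from the new servers and shows the replication status, because a DC that has been cut off for a long time may still refuse to replicate even once it can reach its partner again.

```powershell
# Added example (not from the original post). Placeholders are constructed:
# replace $Adapter and the two DNS addresses with the real values for your site.
param(
    [string]$Adapter  = "Local Area Connection",       # adapter shown by ipconfig /all
    [string[]]$Dns    = @("10.0.0.10", "10.0.0.11")     # correct DC DNS servers, placeholders
)

# 1. Confirm we are on the right box and the right adapter (same purpose as ipconfig /all).
Write-Host "Host: $env:COMPUTERNAME   Domain: $env:USERDNSDOMAIN"
Get-NetAdapter -Name $Adapter | Format-Table Name, Status, MacAddress -AutoSize
Write-Host "Current DNS servers:"
Get-DnsClientServerAddress -InterfaceAlias $Adapter -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses

# 2. Clear the stale servers and set the correct ones in order
#    (equivalent of the netsh delete/add index=1, index=2 sequence).
Set-DnsClientServerAddress -InterfaceAlias $Adapter -ResetServerAddresses
Set-DnsClientServerAddress -InterfaceAlias $Adapter -ServerAddresses $Dns

# 3. Flush the resolver cache and re-register this DC's A and SRV records.
Clear-DnsClientCache
Register-DnsClient

# 4. Verify the domain can be located through the new DNS servers.
$domain = $env:USERDNSDOMAIN
$srv = "_ldap._tcp.dc._msdcs.$domain"
try {
    $records = Resolve-DnsName -Name $srv -Type SRV -Server $Dns[0] -ErrorAction Stop
    Write-Host "SRV records for $srv resolved via $($Dns[0]):"
    $records | Where-Object { $_.Type -eq "SRV" } |
        Format-Table NameTarget, Port, Priority, Weight -AutoSize
} catch {
    Write-Warning "Could not resolve $srv via $($Dns[0]): $($_.Exception.Message)"
    Write-Warning "Fix DNS before attempting a domain logon; the locator will fail otherwise."
}

# 5. Ask the locator to find a DC and show replication status with the built-in tools.
nltest /dsgetdc:$domain /force
repadmin /replsummary
repadmin /showrepl
```

Step 5 is the part the netsh commands alone do not give you. If `repadmin /showrepl` reports that the last successful replication is older than the forest's tombstone lifetime, fixing DNS will not bring this DC back on its own: it has to be cleaned up (metadata cleanup and re-promotion, or lingering-object removal) rather than simply reconnected, and it is worth treating its copy of the directory as stale until that is done.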

Try to log in as domain admin.

Good Luck
