Faulty DC preventing NTFRS replication

Tags: active-directory, windows-server-2008-r2, windows-server-2012-r2

When adding a new DC (2012 R2) to a domain (2008), everything goes well except that it never advertises as a DC. Doing a bit of diagnosis, I found out that NTFRS replication never starts; consequently SYSVOL is never replicated, thus preventing the DC from going live. Event Viewer says the 3 possible reasons are:

[1] FRS can not correctly resolve the DNS name xxxx.local from this computer.
[2] FRS is not running on xxxx.local.
[3] The topology information in the Active Directory Domain Services for this replica has not yet replicated to all the Domain Controllers.

Looking at [1] and [2], it's pretty clear to me that that's not the case, but [3] is probably the cause. Checking all the DCs, I found out that one of them is down. My question is pretty simple. If any of the DCs of the domain is down, will I never be able to add a new DC to the domain? Is there any workaround without fixing the problematic DC first? Some way to disable the faulty DC without demoting it temporarily?

UPDATE + FIX:

If any of the DCs of the domain is down I'll never be able to add a new DC to domain?

Yes. I needed to fix the faulty DC before I could add a new one.

ntfrs replication never starts

DNS and LDAP were being blocked by one of the sites. As a quick fix, I created a connection between different sites for replication. Instead of going straight to the PDC master, I made a connection 1 jump away. It takes longer, but it worked while some folks were working on opening the required ports. It was hard to identify at the start because the whole process of installing and setting up a new DC on WS2012 went OK, including all the replication (except SYSVOL), but for some reason it was not automatically trying to use another DC to sync SYSVOL when it was unable to sync with the PDC directly.

Best Answer

If any of the DCs of the domain is down i'll never be able to add a new DC to domain?

An unreachable domain controller doesn't necessarily prevent the addition of a new domain controller, unless the domain controller that's down provides the link between the new domain controller and the rest of the domain.

is there any workaround without fixing the problematic DC first?

Given that this isn't really the problem you're having, I'll answer this a different way. Your first troubleshooting steps are to:

  1. Check that all your Active Directory services are running and not throwing errors, on both this server having the problem, and at least one of the domain controllers it's linked to. (If you don't know what I mean when I say "linked," just read on, I'll get there shortly.)

  2. Verify DNS. Your new domain controller should have a different domain controller (that it can connect to) as its primary DNS server, and itself as a secondary or tertiary DNS server. Make sure that's how it's configured, and make sure that you can actually connect to the other configured DNS servers.

  3. Verify the links between your domain controllers. The GUI application for this is called Active Directory Sites and Services, and will look a little like the screenshot below. You need a link between the new domain controller and at least one other domain controller. It should be automatically generated, but you can create one manually if needed.

[Screenshot of Active Directory Sites and Services not preserved]

After those basic steps, it's time to dig through the event logs, dcdiag and other Active Directory diagnostic/troubleshooting tools, which seems to be beyond the scope of your "simple question."
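The three checks in the answer (services, DNS client configuration, and the replication link to a reachable DC) and the situation the asker hit in the update (a partner DC that resolves but is blocked on LDAP, leaving SYSVOL unsynced) can be walked through in one read-only script run on the new domain controller. This is an added example, not code from the question, the answer, or Microsoft; it assumes Windows Server 2012 R2 with the ActiveDirectory, DnsClient, NetTCPIP and NetTCPIP-adjacent modules that ship with the OS and RSAT-AD-PowerShell. The event IDs 13508/13509 at the end are the standard FRS events that carry the three reasons quoted in the question; everything else is derived from the domain at run time.

```powershell
# Added example (not the original post's code): read-only FRS/replication health check
# to run on the NEW domain controller. Nothing here changes configuration.
Import-Module ActiveDirectory

$self   = $env:COMPUTERNAME
$domain = Get-ADDomain              # DNSRoot feeds the DC-locator query below

# Step 1: core directory services on this box must be running.
# NtFrs is included because this domain still replicates SYSVOL with FRS, as in the question.
foreach ($name in 'NTDS', 'Netlogon', 'Kdc', 'DNS', 'NtFrs') {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if (-not $svc)                 { Write-Warning "service $name is not installed"; continue }
    if ($svc.Status -ne 'Running') { Write-Warning "service $name is $($svc.Status)" }
    else                           { Write-Host    "OK   service $name is running" }
}

# Step 2: DNS client configuration. The first DNS server should be a partner DC, not this machine.
$selfIPs    = (Get-NetIPAddress -AddressFamily IPv4).IPAddress      # includes 127.0.0.1
$dnsServers = (Get-DnsClientServerAddress -AddressFamily IPv4 |
               Where-Object { $_.ServerAddresses.Count -gt 0 } |
               Select-Object -First 1).ServerAddresses
if (-not $dnsServers) {
    Write-Warning 'no DNS servers configured on any interface'
} elseif ($dnsServers[0] -in $selfIPs) {
    Write-Warning "primary DNS $($dnsServers[0]) is this DC itself; list a reachable partner DC first"
} else {
    Write-Host "OK   primary DNS is $($dnsServers[0])"
}
$query = "_ldap._tcp.dc._msdcs.$($domain.DNSRoot)"
foreach ($srv in $dnsServers) {
    # A DC-locator SRV query proves the server answers AND holds the domain's records.
    try {
        $null = Resolve-DnsName -Name $query -Type SRV -Server $srv -ErrorAction Stop
        Write-Host "OK   $srv answers $query"
    } catch {
        Write-Warning "DNS server $srv failed ${query}: $($_.Exception.Message)"
    }
}

# Step 3: every other DC must resolve (event reason [1]) and answer LDAP, and this DC needs
# at least one inbound connection object (the "link" shown in Sites and Services).
$partners = Get-ADDomainController -Filter * | Where-Object { $_.Name -ne $self }
foreach ($dc in $partners) {
    if (-not (Resolve-DnsName -Name $dc.HostName -ErrorAction SilentlyContinue)) {
        Write-Warning "[1] cannot resolve $($dc.HostName) (site $($dc.Site))"; continue
    }
    if (Test-NetConnection -ComputerName $dc.HostName -Port 389 -InformationLevel Quiet) {
        Write-Host "OK   $($dc.HostName) answers LDAP"
    } else {
        # Resolves but no LDAP: the "down" or firewalled DC from the question and its update.
        Write-Warning "[3] $($dc.HostName) in site $($dc.Site) does not answer LDAP/389"
    }
}

# Inbound connection objects: ReplicateToDirectoryServer is the DN of the destination NTDS Settings.
$inbound = Get-ADReplicationConnection -Filter * |
           Where-Object { $_.ReplicateToDirectoryServer -like "CN=NTDS Settings,CN=$self,CN=Servers,*" }
if (-not $inbound) {
    Write-Warning "no inbound connection object for $self; create one in Sites and Services to a DC that answered LDAP above"
} else {
    foreach ($c in $inbound) {
        # Pull the source server name out of its NTDS Settings DN.
        $source = ($c.ReplicateFromDirectoryServer -split ',')[1] -replace '^CN=', ''
        Write-Host "OK   inbound connection from $source (auto-generated: $($c.AutoGenerated))"
    }
}

# The FRS events that carry the three quoted reasons (13508) and the recovery notice (13509).
Get-WinEvent -FilterHashtable @{ LogName = 'File Replication Service'; Id = 13508, 13509 } `
             -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, @{ n = 'Message'; e = { $_.Message.Split("`n")[0] } } |
    Format-Table -AutoSize
```

Read the output top to bottom in the same order as the answer's steps: a warning in step 2 means the new DC is asking itself for records it does not yet hold; a `[3]` warning in step 3 identifies the partner that is unreachable on LDAP, which is exactly the case where a manual connection object to a different, reachable DC (as in the update) lets SYSVOL sync while the blocked ports are opened. Once a 13509 event appears, FRS has found a working partner and `dcdiag` / `repadmin /replsummary` are the next stop.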