Affected versions: Windows Server 2022

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution — Primary Fix
  7. Solution — Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

Domain controllers on Windows Server 2022 show replication failures with RPC errors. Authentication delays, stale directory objects, and policy drift can impact production services.

Environment & Reproduction

Observed on Windows Server 2022 (build 20348 family) domain controllers after DNS, firewall, or network path changes.

Get-ADDomainController -Filter * | Select HostName,Site,IPv4Address
repadmin /replsummary
repadmin /showrepl * /csv | ConvertFrom-Csv | Select 'Destination DSA','Source DSA','Last Failure Status'

Root Cause Analysis

Typical causes are RPC endpoint filtering, broken DNS registration, or time skew between DCs. In build 20348 environments, hardened baseline policies can expose latent replication path issues.

Quick Triage

Validate name resolution, time sync, and key AD services before deep remediation.

Resolve-DnsName dc01.contoso.local
w32tm /query /status
Get-Service NTDS,Netlogon,KDC,DNS | Select Name,Status,StartType

Step-by-Step Diagnosis

Collect replication metadata and confirm failing naming contexts.

repadmin /showrepl
dcdiag /test:replications /test:dns /v
Get-WinEvent -LogName 'Directory Service' -MaxEvents 80 | Select TimeCreated,Id,LevelDisplayName,Message

Solution — Primary Fix

Restore DNS and RPC connectivity first, then force replication.

ipconfig /registerdns
Restart-Service Netlogon
netsh advfirewall firewall set rule group="Remote Event Log Management" new enable=Yes
repadmin /syncall /AdeP

Solution — Alternative Approaches

If failures persist, rebuild secure channels and verify DC locator records.

nltest /sc_query:contoso.local
nltest /dsregdns
setspn -X
repadmin /kcc

Verification & Acceptance Criteria

Replication should complete with zero recent failures.

repadmin /replsummary
repadmin /queue
Get-ADReplicationPartnerMetadata -Target * -Scope Forest | Select Server,Partner,LastReplicationSuccess
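
The acceptance criterion above can be turned into a pass/fail check. This is an added example, not part of the original article: it parses `repadmin /showrepl * /csv` output and flags links with failures or no recent success. The function name, the 24-hour threshold, the hint table, and the sample rows are assumptions constructed for illustration.

```powershell
# Constructed sample of `repadmin /showrepl * /csv` output (hosts and times are made up).
# On a live DC use instead:  $rows = repadmin /showrepl * /csv | ConvertFrom-Csv
$sample = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,HQ,DC01,"DC=contoso,DC=local",HQ,DC02,RPC,0,0,2024-05-01 10:15:02,0
showrepl_INFO,HQ,DC01,"CN=Configuration,DC=contoso,DC=local",Branch,DC03,RPC,14,2024-05-01 10:12:40,2024-04-30 22:01:17,1722
showrepl_INFO,Branch,DC03,"DC=contoso,DC=local",HQ,DC01,RPC,3,2024-05-01 10:11:09,2024-05-01 09:40:55,8524
'@

# Status codes mapped to the causes named in Root Cause Analysis (hints, not a full list).
$hints = @{
    '1722' = 'RPC server unavailable: check firewall / RPC endpoint filtering'
    '8524' = 'DNS lookup failure: check DC DNS registration and SRV records'
    '5'    = 'Access denied: often time skew or a broken secure channel'
}

function Test-ReplicationHealth {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [object[]] $Rows,
        [datetime] $Now = (Get-Date),
        [int] $MaxAgeHours = 24     # assumed definition of "recent"
    )
    foreach ($r in $Rows) {
        $failures = [int]$r.'Number of Failures'
        $status   = $r.'Last Failure Status'
        $lastOk   = [datetime]::MinValue
        $parsed   = [datetime]::TryParse($r.'Last Success Time', [ref]$lastOk)
        # A link that never succeeded, or not within the window, is stale.
        $stale    = -not $parsed -or ($Now - $lastOk).TotalHours -gt $MaxAgeHours
        if ($failures -gt 0 -or $stale) {
            [pscustomobject]@{
                Destination = $r.'Destination DSA'
                Source      = $r.'Source DSA'
                Context     = $r.'Naming Context'
                Failures    = $failures
                Status      = $status
                Stale       = $stale
                Hint        = if ($hints.ContainsKey($status)) { $hints[$status] } else { 'Run dcdiag /test:replications /v' }
            }
        }
    }
}

$rows = $sample | ConvertFrom-Csv
$bad  = @(Test-ReplicationHealth -Rows $rows -Now ([datetime]'2024-05-01 10:20:00'))
$bad | Format-Table -AutoSize
if ($bad.Count -gt 0) { Write-Warning "$($bad.Count) replication link(s) fail the acceptance criterion" }
```

With the constructed sample, the DC02 to DC01 link passes and the two links reporting 1722 and 8524 are flagged.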

Rollback Plan

Revert firewall or DNS changes if they caused broader outages.

netsh advfirewall export C:\Temp\fw-postfix.wfw
netsh advfirewall import C:\Temp\fw-prechange.wfw
# Reloads the zone from the source it was last loaded from (AD DS or its zone file)
Restore-DnsServerPrimaryZone -Name 'contoso.local'

Prevention & Hardening

Use continuous AD health checks and strict change windows.

dcdiag /q
repadmin /replsummary
Get-ScheduledTask -TaskName 'AD-Health-*' | Enable-ScheduledTask

Related Errors & Cross-Refs

Often coexists with Kerberos clock skew, SYSVOL DFSR backlog, and broken DC DNS SRV records.

References & Further Reading

Microsoft Learn: Active Directory replication troubleshooting, RPC error 1722 guidance, and AD DS operations on Windows Server 2022.
