Tech

DCOM 10009 errors on a Domain Controller

Microsoft Logo
1 Comment

Sometimes when you demote a domain controller in your domain and the domotion partially fails your other domain controllers can start to generate an enormous amount of DCOM 10009 errors because in their domain metadata they still expect to be able to contact this demoted/non-existent domain controller.

The specific error message is:

“DCOM was unable to communicate with the computer {computername} using any of the configured protocols”

I learned the hard way that you have to remove the reference to the domain controller using NTDSUTIL or these errors will never stop and will be generated, endlessly, forever as the Domain Controller tries to access this missing DC over DCOM.

While I could explain it again here Petri IT Knowledge have a great article on removing the metadata for a demoted/non-existent/uncontactable domain controllers:

Delete failed DCs from Active Directory

I hope this helps anyone who is receiving the dreaded 10009 error over and over.

-theninja

 

DCOM 10009 errors on a Domain Controller was last modified: January 28th, 2015 by theninja
  • JordanH

    What happens if that Demoted DC Gets rebuilt with the same computer name, Then how do you remove the reference when that New DC with the same name is in production.