DC's storming me with issues

Hi

I have 2 DC's (server 2019) (1 physical, 1 Virtual) was working good, but last month I did notice some issues like I couldn't connect from dc2 to dc1. so I opened Event Viewer to find muliple errors and warnings.

Some of them in DC1:

• This server is the owner of the following FSMO role, but does not consider it valid. For the partition which contains the FSMO, this server has not replicated successfully with any of its partners since this server has been restarted. Replication errors are preventing validation of this role.
• Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
• Active Directory Domain Services could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory Domain Services from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
• The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed
• This directory partition has not been backed up since at least the following number of days.

• Automatic registration failed at join phase.

  Exit code: Unknown HResult Error code: 0x801c001d

• Failed to register the service principal name 'Microsoft Virtual Console Service'.

• The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.

And on DC2:

• The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
• event id: 5781
• Some of DC1 events.

What I did:

• I did search and try almost every solution I found in internet without success.
• I did move the virtual one to be inside the physical one in case my problem was from my switches for example.
• uninstall AV from DC's.
• run my 2nd DC inside the 1st (for troubleshooting).

What I found:

• moving the virtual inside the physical one helped me a little, I can now replicate dns but that's it !
• I found odd thing: I can access DC1 by name (in file explorer) from any server except DC2 that access DC1 by ip address only !

UPDATE:

Turn out this issue happened from restoring DC1 couple days ago. I had learned that I can't restore DC's like any other machine ! OK. I am learning now how to fix this : )

Thanks...

You said "DC2 that access DC1 by ip address only"

This would worry me the most, AD is very dependant on DNS (especially SRV records). Troubleshooting this (or even forcing resolution via \system32\drivers\etc\hosts until you get them sync'ed properly) is a first priority.

Also may want to make sure the two DC's are using the same time source (by default your DC emulating a PDC).

"I did move the virtual one to be inside the physical one in case my problem was from my switches for example."

Does that mean you are running one DC on the other using Hyper-V? I would try not to do that. Ideally you'd have your Hyper-V box running nothing other than the hypervisor on the physical hardware.