DRA IACR fails with unspecfied error

Within the DRA Account and Resource Management or Delegation and Configuration console one or more managed domains will show a red question mark on the accounts cache status. The Incremetental Accounts Refresh status will show the IACR has unsuccessfully completed with a status of hr=80004005=(Unspecified error) . There will also be a corresponding Windows Application Event Log event for the same error as well.

This issue is resolved with the release of DRA 9.0 SP1.
This issue can also be temporarily resolved by running a full accounts cache on the affected Domain(s). Once the FACR runs, subsequent IACRs will run correctly.  To run a FACR:

1. Logon to the D&C console in the context of the DRA Service account, or other assistant admin with DRA Administration rights. 
2. Connect the console to the DRA Server(s) with the issue
3. Locate the domain(s) with the issue from the Configuration Management -- Managed Domains section
4. From the right Click Menu of the affected domain, choose the properties option
5. From the Domain Properties window, click on the full refresh link
6. Use the Refresh Now button to trigger a FACR
7. Once the FACR is complete, and a console refresh is done; the accounts cache status should show OK.
   

This is a known issue in the DRA 8.7.x and DRA 9.0 code. It typically only effects Windows 2008 R2 Managed domains.

When running a FACR, the domain will be unavailable for use by the specific DRA server running the FACR. This will prevent any DRA Assistant Admins who are a member of the domain from logging on to the DRA consoles. This will also prevent DRA from managing any objects contained in the specific domain. From the Full Refresh window of the domain properties there will be message detailing out how long the previous FACR took to run. This time will give a basic idea of how long a FACR should take to run. As of DRA 8.7.x and newer the need to run a FACR is reduced. A FACR should only be run at the advice of NetIQ Technical Support.