Julian,

At what point do your users get hung up on login? Can you browse the
network from your PDC?

-----Original Message-----
From: Dean Wells [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 11, 2001 9:59 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD problems. Please help !!


I'm afraid that's not quite right, the GC is only required for
authentication in a multi-domain forest irrespective of the domain
modes.

HTH

Dean

--
Dean Wells
MSEtechnology
* Tel: +1 (954) 501-4307
* Email: [EMAIL PROTECTED]
http://msetechnology.com



-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Ian Moran
Sent: Tuesday, December 11, 2001 6:56 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD problems. Please help !!


If a Global Catalog server (GC) is un-available users will not be able
to logon. By default the first DC is a GC - your second DC wont be.

Ian Moran
Konnexion Ltd

> -----Original Message-----
> From: Julian Lyndon-Smith [mailto:[EMAIL PROTECTED]]
> Sent: 11 December 2001 14:53
> To: '[EMAIL PROTECTED]'
> Subject: [ActiveDir] AD problems. Please help !!
>
>
> We are tearing our hair out at this moment. Please help a man
> staring into the depths of insanity.
>
> We have a Win2K SP2 server (MachineA) running AD in native
> mode, as the only domain controller on the network.
>
> We have added another Win2K SP2 server (MachineB) to the
> network, and ran dcpromo on it successfully to join it as a
> domain controller.
>
> Under AD Users and Computers, the machines show up as domain
> controllers.
>
> All the DNS entries seem ok - we have both machines running
> DNS integrated with the AD.
>
> All is fine. Users can log on. However.
>
> 1) If we turn off MachineA no one can logon to the network
> 2) If we try & dcpromo MachineA to be just a member server,
> then we get the error message about "no domain controller is
> available"
>
> We think that it is something to do with SYSVOL and NETLOGON
> but cannot find the solution. The FRS service is running on
> both machines.
>
> We have tried everything that we could find on the web.
>
> We have run dcdiag and netdiag on both machines with the
> following results:
>
> ###### MachineA DCDiag ########
>
> DC Diagnosis
>
> Performing initial setup:
>    Done gathering initial info.
>
> Doing initial non skippeable tests
>
>    Testing server: Default-First-Site-Name\MachineA
>       Starting test: Connectivity
>          ......................... MachineA passed test Connectivity
>
> Doing primary tests
>
>    Testing server: Default-First-Site-Name\MachineA
>       Starting test: Replications
>          ......................... MachineA passed test Replications
>       Starting test: NCSecDesc
>          ......................... MachineA passed test NCSecDesc
>       Starting test: NetLogons
>          ......................... MachineA passed test NetLogons
>       Starting test: Advertising
>          ......................... MachineA passed test Advertising
>       Starting test: KnowsOfRoleHolders
>          ......................... MachineA passed test
> KnowsOfRoleHolders
>       Starting test: RidManager
>          ......................... MachineA passed test RidManager
>       Starting test: MachineAccount
>          * MachineA is not trusted for account delegation
>          ......................... MachineA failed test MachineAccount
>       Starting test: Services
>          ......................... MachineA passed test Services
>       Starting test: ObjectsReplicated
>          ......................... MachineA passed test
> ObjectsReplicated
>       Starting test: frssysvol
>          Error: No record of File Replication System, SYSVOL started.
>          The Active Directory may be prevented from starting.
>          There are errors after the SYSVOL has been shared.
>          The SYSVOL can prevent the AD from starting.
>          ......................... MachineA passed test frssysvol
>       Starting test: kccevent
>          ......................... MachineA passed test kccevent
>       Starting test: systemlog
>          ......................... MachineA passed test systemlog
>
>    Running enterprise tests on : OurDomain.com
>       Starting test: Intersite
>          ......................... OurDomain.com passed test Intersite
>       Starting test: FsmoCheck
>          ......................... OurDomain.com passed test FsmoCheck
>
> ###### MachineB DCDiag ########
>
> DC Diagnosis
>
> Performing initial setup:
>    Done gathering initial info.
>
> Doing initial non skippeable tests
>
>    Testing server: Default-First-Site-Name\MachineB
>       Starting test: Connectivity
>          ......................... MachineB passed test Connectivity
>
> Doing primary tests
>
>    Testing server: Default-First-Site-Name\MachineB
>       Starting test: Replications
>          ......................... MachineB passed test Replications
>       Starting test: NCSecDesc
>          ......................... MachineB passed test NCSecDesc
>       Starting test: NetLogons
>          ......................... MachineB passed test NetLogons
>       Starting test: Advertising
>          Warning: DsGetDcName returned information for
> \\MachineA.OurDomain.com, when we were trying to reach MachineB.
>          Server is not responding or is not considered suitable.
>          ......................... MachineB failed test Advertising
>       Starting test: KnowsOfRoleHolders
>          ......................... MachineB passed test
> KnowsOfRoleHolders
>       Starting test: RidManager
>          ......................... MachineB passed test RidManager
>       Starting test: MachineAccount
>          ......................... MachineB passed test MachineAccount
>       Starting test: Services
>             Could not open SMTPSVC Service on
> [MachineB]:failed with 1060: Win32 Error 1060
>          ......................... MachineB failed test Services
>       Starting test: ObjectsReplicated
>          ......................... MachineB passed test
> ObjectsReplicated
>       Starting test: frssysvol
>          Error: No record of File Replication System, SYSVOL started.
>          The Active Directory may be prevented from starting.
>          ......................... MachineB passed test frssysvol
>       Starting test: kccevent
>          ......................... MachineB passed test kccevent
>       Starting test: systemlog
>          ......................... MachineB passed test systemlog
>
>    Running enterprise tests on : OurDomain.com
>       Starting test: Intersite
>          ......................... OurDomain.com passed test Intersite
>       Starting test: FsmoCheck
>          ......................... OurDomain.com passed test FsmoCheck
>
> ###### MachineA NetDiag ########
>
> .....................................
>
>     Computer Name: MachineA
>     DNS Host Name: MachineA.OurDomain.com
>     System info : Windows 2000 Server (Build 2195)
>     Processor : x86 Family 5 Model 8 Stepping 12, AuthenticAMD
>     List of installed hotfixes :
>         Q147222
>
>
> Netcard queries test . . . . . . . : Passed
>     [WARNING] The net card 'Eicon DIVA 2.01 S/T (USB)' may
> not be working because it has not received any packets.
>
>
>
> Per interface results:
>
>     Adapter : Local Area Connection 2
>
>         Netcard queries test . . . : Passed
>
>         Host Name. . . . . . . . . : MachineA.OurDomain.com
>         IP Address . . . . . . . . : 192.168.10.2
>         Subnet Mask. . . . . . . . : 255.255.255.0
>         Default Gateway. . . . . . : 192.168.10.109
>         Dns Servers. . . . . . . . : 127.0.0.1
>
>
>         AutoConfiguration results. . . . . . : Passed
>
>         Default gateway test . . . : Passed
>
>         NetBT name test. . . . . . : Passed
>
>         WINS service test. . . . . : Skipped
>             There are no WINS servers configured for this interface.
>
>
> Global results:
>
>
> Domain membership test . . . . . . : Passed
>
>
> NetBT transports test. . . . . . . : Passed
>     List of NetBt transports currently configured:
>         NetBT_Tcpip_{8BAAB444-9BDC-4B87-8249-2F5647FB4B3F}
>     1 NetBt transport currently configured.
>
>
> Autonet address test . . . . . . . : Passed
>
>
> IP loopback ping test. . . . . . . : Passed
>
>
> Default gateway test . . . . . . . : Passed
>
>
> NetBT name test. . . . . . . . . . : Passed
>
>
> Winsock test . . . . . . . . . . . : Passed
>
>
> DNS test . . . . . . . . . . . . . : Passed
>     PASS - All the DNS entries for DC are registered on DNS
> server '127.0.0.1' and other DCs also have some of the names
> registered.
>
>
> Redir and Browser test . . . . . . : Passed
>     List of NetBt transports currently bound to the Redir
>         NetBT_Tcpip_{8BAAB444-9BDC-4B87-8249-2F5647FB4B3F}
>     The redir is bound to 1 NetBt transport.
>
>     List of NetBt transports currently bound to the browser
>         NetBT_Tcpip_{8BAAB444-9BDC-4B87-8249-2F5647FB4B3F}
>     The browser is bound to 1 NetBt transport.
>
>
> DC discovery test. . . . . . . . . : Passed
>
>
> DC list test . . . . . . . . . . . : Passed
>
>
> Trust relationship test. . . . . . : Skipped
>
>
> Kerberos test. . . . . . . . . . . : Passed
>
>
> LDAP test. . . . . . . . . . . . . : Passed
>
>
> Bindings test. . . . . . . . . . . : Passed
>
>
> WAN configuration test . . . . . . : Skipped
>     No active remote access connections.
>
>
> Modem diagnostics test . . . . . . : Passed
>
> IP Security test . . . . . . . . . : Passed
>     IPSec policy service is active, but no policy is assigned.
>
>
> The command completed successfully
> ###### MachineB NetDiag ########
>
> ......................................
>
>     Computer Name: MachineB
>     DNS Host Name: MachineB.OurDomain.com
>     System info : Windows 2000 Server (Build 2195)
>     Processor : x86 Family 6 Model 8 Stepping 10, GenuineIntel
>     List of installed hotfixes :
>         Q147222
>
>
> Netcard queries test . . . . . . . : Passed
>     [WARNING] The net card 'RAS Async Adapter' may not be
> working because it has not received any packets.
>
>
>
> Per interface results:
>
>     Adapter : Local Area Connection
>
>         Netcard queries test . . . : Passed
>
>         Host Name. . . . . . . . . : MachineB.OurDomain.com
>         IP Address . . . . . . . . : 192.168.10.6
>         Subnet Mask. . . . . . . . : 255.255.255.0
>         Default Gateway. . . . . . : 192.168.10.109
>         Dns Servers. . . . . . . . : 127.0.0.1
>
>
>         AutoConfiguration results. . . . . . : Passed
>
>         Default gateway test . . . : Passed
>
>         NetBT name test. . . . . . : Passed
>
>         WINS service test. . . . . : Skipped
>             There are no WINS servers configured for this interface.
>
>     Adapter : {33ED5761-2667-4254-B381-03ECF79157DA}
>
>         Netcard queries test . . . : Passed
>
>         Host Name. . . . . . . . . : MachineB
>         IP Address . . . . . . . . : 169.254.230.53
>         Subnet Mask. . . . . . . . : 255.255.255.255
>         Default Gateway. . . . . . :
>         Dns Servers. . . . . . . . : 127.0.0.1
>
>
>         AutoConfiguration results. . . . . . : Passed
>
>         Default gateway test . . . : Skipped
>             [WARNING] No gateways defined for this adapter.
>
>         NetBT name test. . . . . . : Passed
>         [WARNING] At least one of the <00> 'WorkStation
> Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
>             No remote names have been found.
>
>         WINS service test. . . . . : Skipped
>             There are no WINS servers configured for this interface.
>
>
> Global results:
>
>
> Domain membership test . . . . . . : Failed
>     [WARNING] Ths system volume has not been completely
> replicated to the local machine. This machine is not working
> properly as a DC.
>
>
> NetBT transports test. . . . . . . : Passed
>     List of NetBt transports currently configured:
>         NetBT_Tcpip_{C03C0240-20EF-45DC-B733-3FE525AA9587}
>         NetBT_Tcpip_{33ED5761-2667-4254-B381-03ECF79157DA}
>     2 NetBt transports currently configured.
>
>
> Autonet address test . . . . . . . : Passed
>
>
> IP loopback ping test. . . . . . . : Passed
>
>
> Default gateway test . . . . . . . : Passed
>
>
> NetBT name test. . . . . . . . . . : Passed
>
>
> Winsock test . . . . . . . . . . . : Passed
>
>
> DNS test . . . . . . . . . . . . . : Passed
>     PASS - All the DNS entries for DC are registered on DNS
> server '127.0.0.1' and other DCs also have some of the names
> registered.
>
>
> Redir and Browser test . . . . . . : Passed
>     List of NetBt transports currently bound to the Redir
>         NetBT_Tcpip_{C03C0240-20EF-45DC-B733-3FE525AA9587}
>         NetBT_Tcpip_{33ED5761-2667-4254-B381-03ECF79157DA}
>     The redir is bound to 2 NetBt transports.
>
>     List of NetBt transports currently bound to the browser
>         NetBT_Tcpip_{C03C0240-20EF-45DC-B733-3FE525AA9587}
>         NetBT_Tcpip_{33ED5761-2667-4254-B381-03ECF79157DA}
>     The browser is bound to 2 NetBt transports.
>
>
> DC discovery test. . . . . . . . . : Passed
>
>
> DC list test . . . . . . . . . . . : Passed
>
>
> Trust relationship test. . . . . . : Passed
>     Secure channel for domain 'OURDOMAIN' is to
> '\\MachineA.OurDomain.com'.
>
>
> Kerberos test. . . . . . . . .
> . . : Passed
>
>
> LDAP test. . . . . . . . . . . . . : Passed
>
>
> Bindings test. . . . . . . . . . . : Passed
>
>
> WAN configuration test . . . . . . : Skipped
>     No active remote access connections.
>
>
> Modem diagnostics test . . . . . . : Passed
>
> IP Security test . . . . . . . . . : Passed
>     IPSec policy service is active, but no policy is assigned.
>
>
> The command completed successfully
>
> Regards,
>
> Julian.
>
> Julian Lyndon-Smith
> IT Director
> Dot R Limited
> http://www.dotr.com
> [EMAIL PROTECTED]
>
> List info   : http://www.activedir.org/mail_list.htm
> List FAQ    : http://www.activedir.org/list_faq.htm
> List archive:
> http://www.mail-archive.com/activedir%> 40mail.activedir.org/
>
List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/


List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

Reply via email to