Yes, I mentioned that below, and yes, in Sites and Services I did associate the x.x.81 netblock to the UCPG site.
I have some output from the netlogon.log. I set "nltest /dbflag:0x2000ffff" on a workstation in the remote site. Below is some snippets that hopefully someone here can tell me what they mean. 04/26 15:58:09 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x3 04/26 15:58:09 [SESSION] BSDAD: NlpEnsureSessionAuthenticated: Try to find a better DC for this operation. 0x8 04/26 15:58:09 [SESSION] BSDAD: NlDiscoverDc: Start Synchronous Discovery 04/26 15:58:10 [CRITICAL] NetpDcGetDcNext: domain.fqdn.edu.: 32: Cannot NetpSrvNext. 9003 0x232b 04/26 15:58:10 [CRITICAL] NetpDcGetNameIp: domain.fqdn.edu.: cannot find A record. 04/26 15:58:10 [MAILSLOT] NetpDcPingListIp: domain.fqdn.edu.: Sent UDP ping to X.X.209.170 04/26 15:58:10 [SESSION] BSDAD: NlDiscoverDc: Better DC not found (keeping NT old DC). 0x1d4 0x17c 04/26 15:58:10 [MISC] BSDAD: DsrEnumerateDomainTrusts: Domain List collected from \\bsd-sarge.domain.fqdn.edu 04/26 15:58:10 [DOMAIN] Setting LSA NetbiosDomain: BSDAD DnsDomain: domain.fqdn.edu. DnsTree: domain.fqdn.edu. DomainGuid:XXXXXX-1c6b-4645-ac78-b0f2444eac2c 04/26 15:58:10 [LOGON] NlSetForestTrustList: New trusted domain list: <SNIP> Domain Trust information> </SNIP> 04/26 15:58:10 [LOGON] 5: BSDAD domain.fqdn.edu (NT 5) (Forest Tree Root) (Primary Domain) (Native) 04/26 15:58:10 [LOGON] Dom Guid: XXXXXXXX-1c6b-4645-ac78-b0f2444eac2c 04/26 15:58:10 [LOGON] Dom Sid: S-1-5-21-XXXXXXXXXX-2961800785-2942754262 04/26 15:58:10 [MISC] DsrEnumerateDomainTrusts: returns: 0 04/26 15:58:13 [MISC] DsGetDcName function called: Dom:BSDAD Acct:(null) Flags: IP KDC 04/26 15:58:13 [MISC] NetpDcGetName: domain.fqdn.edu. cache not for closest site and it is too old. 6819297 04/26 15:58:13 [CRITICAL] NetpDcGetDcNext: domain.fqdn.edu.: 30: Cannot NetpSrvNext. 9003 0x232b 04/26 15:58:13 [CRITICAL] NetpDcGetNameIp: domain.fqdn.edu.: cannot find A record. 04/26 15:58:13 [MAILSLOT] NetpDcPingListIp: domain.fqdn.edu.: Sent UDP ping to X.X.97.194 04/26 15:58:13 [MISC] DsGetDcName function returns 0: Dom:BSDAD Acct:(null) Flags: IP KDC 04/26 15:58:14 [MISC] DsGetDcName function called: Dom:domain.fqdn.edu Acct:(null) Flags: IP KDC 04/26 15:58:14 [MISC] NetpDcGetName: domain.fqdn.edu using cached information 04/26 15:58:14 [MISC] DsGetDcName function returns 0: Dom:domain.fqdn.edu Acct:(null) Flags: IP KDC 04/26 15:58:14 [MISC] DsGetDcName function called: Dom:BSDAD Acct:(null) Flags: 04/26 15:58:14 [MISC] NetpDcGetName: domain.fqdn.edu. using cached information 04/26 15:58:14 [MISC] DsGetDcName function returns 0: Dom:BSDAD Acct:(null) Flags: 04/26 15:58:17 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x3 04/26 15:58:17 [MISC] DsrEnumerateDomainTrusts: returns: 0 04/26 15:58:17 [MISC] DsGetDcName function called: Dom:BSDAD Acct:(null) Flags: 04/26 15:58:17 [MISC] NetpDcGetName: domain.fqdn.edu. using cached information 04/26 15:58:17 [MISC] DsGetDcName function returns 0: Dom:BSDAD Acct:(null) Flags: 04/26 15:58:17 [MISC] DsGetDcName function called: Dom:BSDAD Acct:(null) Flags: DS NETBIOS RET_DNS 04/26 15:58:17 [MISC] NetpDcGetName: domain.fqdn.edu. using cached information 04/26 15:58:17 [MISC] DsGetDcName function returns 0: Dom:BSDAD Acct:(null) Flags: DS NETBIOS RET_DNS 04/26 15:58:18 [MISC] DsGetDcName function called: Dom:BSDAD Acct:(null) Flags: DS NETBIOS RET_DNS 04/26 15:58:18 [MISC] NetpDcGetName: domain.fqdn.edu. using cached information 04/26 15:58:18 [MISC] DsGetDcName function returns 0: Dom:BSDAD Acct:(null) Flags: DS NETBIOS RET_DNS 04/26 15:58:18 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x1 04/26 15:58:18 [MISC] DsrEnumerateDomainTrusts: returns: 0 04/26 15:58:18 [SITE] DsrGetSiteName: Returning site name 'UCPG' from local cache. 04/26 15:58:18 [MISC] DsGetDcName function called: Dom:domain.fqdn.edu Acct:(null) Flags: DS DNS RET_DNS 04/26 15:58:18 [MISC] NetpDcGetName: domain.fqdn.edu using cached information 04/26 15:58:18 [MISC] DsGetDcName function returns 0: Dom:domain.fqdn.edu Acct:(null) Flags: DS DNS RET_DNS 04/26 15:58:18 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS 04/26 15:58:18 [MISC] NetpDcGetName: domain.fqdn.edu. using cached information 04/26 15:58:18 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS 04/26 15:58:18 [MISC] DsGetDcName function called: Dom:domain.fqdn.edu Acct:(null) Flags: DS DNS RET_DNS 04/26 15:58:18 [MISC] NetpDcGetName: domain.fqdn.edu using cached information 04/26 15:58:18 [MISC] DsGetDcName function returns 0: Dom:domain.fqdn.edu Acct:(null) Flags: DS DNS RET_DNS 04/26 16:01:55 [SESSION] BSDAD: NlTimeoutApiClientSession: Unbind from server \\bsd-sarge.domain.fqdn.edu (TCP) 0. Thanks once again for your help. /aaron Aaron Steele University of Chicago Enterprise Systems Administrator P: 773.834.9099 E: [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Wednesday, April 26, 2006 13:14 To: [email protected] Subject: RE: [ActiveDir] oddness with sites. Did you associate the appropriate subnet(s) of whatever constitutes "UCPG" into the UCPG site? Site boundaries are defined by the subnets associated with them. You configure them in Sites and Services. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Steele, Aaron > [BSD] - ADM > Sent: Wednesday, April 26, 2006 12:30 PM > To: [email protected] > Subject: [ActiveDir] oddness with sites. > > Okay I have a perplexing problem that I haven't found any help for on > the web. Maybe someone her can help. > > I have a fairly simple AD forest > single forest, single domain. 2 sites, defined properly as far as I > can tell. > In the remote site, there is a DC/GC, both physically and in Sites and > Services. > The x.x.81.X subnet is tied to the correct site. > > Output form nltest is below. > > nltest /dsgetdc:<domain-name> /site:UCPG > DC: \\<DC-At-Remote Site> > Address: \\X.X.81.217 > Dom Guid: XXXXXXXX-1c6b-4645-ac78-b0f2444eac2c > Dom Name: Domain > Forest Name: domain.fqdn.edu > Dc Site Name: UCPG > Our Site Name: UCPG > Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_FOREST CLOSE_SITE > The command completed successfully > > In the registry of a workstation/server on the remote site, the > registry > > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\ > Parameters > \DynamicSiteName is equal to "UCPG" > > Yet, whenever I log onto a workstation/server there "set l" > returns a DC/GC that is at our HUB site, and not the DC/GC identified > and located in the remote site. > > Nltest /sc_query:<domain> returns the same DC/GC located in the hub > site, and again, not the DC/GC in the remote site. > > Pings between remote workstation and remote DC/GC are less than 1ms, > between remote workstation and hub DC/GC are more like 30 to 40 ms on > average. > Both remote site and hub site DC/GC are ping able and nbtstat -a > findable by short name and reverse ip lookups. > > Any help anyone has, I would greatly appreciate it. > > Thanks so much. > /aaron > > > Aaron Steele > University of Chicago > Enterprise Systems Administrator > P: 773.834.9099 > E: [EMAIL PROTECTED] > This email is intended only for the use of the individual or entity to > which it is addressed and may contain information that is privileged > and confidential. If the reader of this email message is not the > intended recipient, you are hereby notified that any dissemination, > distribution, or copying of this communication is prohibited. If you > have received this email in error, please notify the sender and > destroy/delete all copies of the transmittal. Thank you. > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This email is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged and confidential. If the reader of this email message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is prohibited. If you have received this email in error, please notify the sender and destroy/delete all copies of the transmittal. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
