Solved

One DC cannot communicate with another DC.  Error: "There are currently no logon servers available to service the logon request."

Posted on 2004-03-23
8
496 Views
Last Modified: 2010-04-13
A DC in a remote office cannot communicate with any other computers on its LAN or to the main DC.  When I try to browse to any other computer thru My Network Places or thru Run,\\<computername>, the above error appears.  I'm able to make a PC Anywhere connection to the machine, though.

Additionally, when the computers on the remote subnet try to access the remote DC, they get the same error message.  However, I'm able to browse to any computer on the remote subnet from my computer (which is on the same LAN as the main DC).

When I try to open Active Directory from the remote DC (Users and Computers, Sites and Services, or Domains and Trusts) the error states: "Naming information cannot be located because: No authority can be contacted for authentication.  Contact your system administrator to verify that your domain is properly configured and is currently online."

There are tons of Event log errors on the remote DC from the NTDS KCC stating that the configuration for replication is SMTP, which is not supported for DCs in the same domain.  However, replication is set to IP.  Any ideas or places to start looking would be appreciated.  Thanks!

Scott
0
Comment
Question by:jqualteri
8 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 10660568
Is there a trust relationship between the DCs?
0
 

Accepted Solution

by:
Skege earned 125 total points
ID: 10660843
Do you have configured DNS.
That´s sounds like you have probles with DNS..

Check to see that the zones on your DNS server are configured correctly and that your DNS server has authority for the zone that contains the Active Directory domain name.
0
 

Author Comment

by:jqualteri
ID: 10661766
Yes there's a trust.  These are both domain controllers for the same domain.  The one in the remote office is unable to authenticate any domain users because it cannot verify them from the main DC.  I don't think it has been getting replication for 4 days.
0
 

Author Comment

by:jqualteri
ID: 10661851
DNS is configured on the remote DC, yes.  I'm pretty certain its configured correctly because the machine was having no problems as of last week, and nobody has touched it.  The remote computer is the authority for its zone.
0
 
LVL 16

Assisted Solution

by:JamesDS
JamesDS earned 125 total points
ID: 10665117
This is certainly DNS, most AD problems are

Right then, configure BOTH DCs with DNS servers, AD Integrate your DNS ZONE if possible and MAKE SURE that each DC is pointing to the other one for its primary DNS settings - leave secondary blank to aboid the problem of DNS island.

At each DC command line run:

IPCONFIG /FLUSHDNS
IPCONFIG /REGISTERDNS

Check the DNS zone on each DNS server to make sure the _MSDCS sub domain is in place and then use NSLOOKUP from the command line to make sure you can resolve the fully qualified domain name of each DC from the other one

Once you have success on this open up the snapin AD Sites and Services and navigate down the sites tree to the connection objects on each server and initiate replication in each direction

Check the logs for the next 20 minutes and iff all is clear your domain will be running again.

Cheers

JamesDS
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question