Client computers don't communicate with local domain controllers

Posted on 2006-06-20
Last Modified: 2012-05-05
My client has one Windows 2003 domain that spans different countries. I have all AD sites configured well and replication is going as expected. Client IT staff from the Germany site noticed that a number of client machines do not talk directly with the domain controllers in the Germany AD site. Instead they communicate with other DCs from different sites. If the machines are connected on the same subnet as the DC, the computers talk to the local DC first, but if they are on different subnets they go out to other AD sites and find another DC to communicate with, especially when you do an nslookup for the domain name. At the beginning I used to have a super subnet that covered all the small subnets in the site, but lately I created all the Germany subnets in AD and associated these subnets with the Germany AD site so that all machines from that site can communicate with the local DCs first.
I just found out that the issue is still the same. Just to clarify, the machines are pointing to the local DNS servers in Germany. There is no WINS. Do you think I need WINS to help in this matter? Does anyone know what I'm missing here?
Thanks
Question by:mjawarish
LVL 30

Expert Comment

by:ded9
ID: 16945038
What exact message or error are you getting?

 
LVL 13

Expert Comment

by:prashsax
ID: 16945231
Check if these clients are pointing to local DNS server only.


0
 

Author Comment

by:mjawarish
ID: 16946291
Yes, the client machines point to the local AD DC (DNS) servers. I don't get an error message. When I run nslookup for my domain, the query gets resolved by another DNS server in the US sites instead of the local AD DNS server in Germany. The query can be resolved by the local AD DNS servers only if the machine is located on the same subnet as the AD DNS. If I try to ping the AD DNS by name and IP, everything looks fine. The machine can log on to the domain with no problem too.
 
LVL 13

Expert Comment

by:prashsax
ID: 16946527
So, this machine is in some other subnet, and not in the subnet of Germany.

Is there some secondary DNS server specified on these machines?

Primary DNS should point to AD (DNS) in Germany.

Try and remove secondary DNS if any.

0
 
LVL 13

Expert Comment

by:prashsax
ID: 16946555
Now, restart the machine and use nslookup again.

Could you post the outcome of
nslookup FQDN

Also mention the subnet for Germany and US.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 16946563
>>They rather communicate with other DC's from different sites. If the machines are connected on the same subnet where the DC is on then computers can talk to the local DC first, but if they are on different subnets they just go out to other AD

That is by design. AD Sites and Services is based upon what subnet the site and DC are on.
If you go into AD Sites and Services you will notice a 'subnets' folder. It sounds as though your subnets aren't associated with the site as they should be. Every subnet range on your AD network should be in the 'subnets' folder. If they aren't, then that is your problem. All you need to do is create one for every subnet and associate each one with the appropriate AD site.

0
 

Author Comment

by:mjawarish
ID: 16948599
Hi mikeleebrla,
I have multiple AD sites established already and each site has its own subnet or subnets. What I also found is that the client machine can't browse the AD domain. It can ping all domain controllers by name and IP. It can also ping the default gateway, but when you click on Entire Network | Microsoft Windows Network, it takes a long time to open, and when you click on the AD domain, I get an error message:

"mydomainname is not accessible. You may not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
The list of servers for this workgroup is not currently available"    

Any idea?
0
 
LVL 4

Accepted Solution

by:
ansh_gupta earned 1000 total points
ID: 16949680
If the client is supposed to use the Germany site, then it should have an IP address from the subnet associated with the Germany site. The IP address of a machine is the criterion by which it tries to find the right domain controller to talk to. So you need to have an IP from the subnet associated with the Germany site.
0
 
LVL 25

Assisted Solution

by:mikeleebrla
mikeleebrla earned 1000 total points
ID: 16950892
I agree with ansh_gupta. The PC has to be in the right subnet, since that is what Sites and Services is based on. If the PC doesn't have an IP in the correct subnet, that is the issue.
0
 

Author Comment

by:mjawarish
ID: 17060022
My subnet was incorrect. Thanks everyone. Points should be split between gupta and mikeleebrla.