Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Windos 2003 Authenication

Posted on 2009-12-17
11
Medium Priority
?
305 Views
Last Modified: 2012-05-08
Windows 2003 users are autenicating to Site B's server vs there own server.  How can I set them up to have the authenicate to there server.  thanks.
0
Comment
Question by:mmccutch
  • 6
  • 4
11 Comments
 
LVL 7

Expert Comment

by:jgpd
ID: 26074792
authentication is managed  trough sites
you need to associate the  subnet (win 2003 users) with  their site ,probaly they are assigned to site b
here is the link from Microsoft
http://technet.microsoft.com/en-us/library/cc780426(WS.10).aspx
Regards,
Jose
0
 
LVL 17

Expert Comment

by:chuku
ID: 26074814
if we're talking about same domain and 2 DCs there isn't much
the way AD work is the first response win
you should check though why the remote DC reply faster then the local DC. there might be a networking issue
0
 

Author Comment

by:mmccutch
ID: 26074890
I have verified that this subnet is configured for this site already.  We are talking about the same domain just at a remote site connect with a VPN connection.  The server was replaced a few months ago, but haven't noticed this until now.  Could have been messed up with the server replacement, I don't know?

When I go under this current site-->Servers-->Servername-->NTDS Settings-->the primary domain controller shows but when I select to replicate now I receive this:  the following error occurred during the attempt to contact the domain controller which is the name of the server at this current site.  This may be another problem on top of the issue about or maybe these are related.  thanks for your help.




0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 7

Expert Comment

by:jgpd
ID: 26081824
could you please run dcdiag and netdiag on the  on both servers and post the result please?
you can find these commands on the support tools
http://www.microsoft.com/downloads/details.aspx?FamilyId=6EC50B78-8BE1-4E81-B3BE-4E7AC4F0912D&displaylang=en

regards,
Jose
0
 

Author Comment

by:mmccutch
ID: 26082210
DCDIAG and NETDIAG log files.

C:\Documents and Settings\Administrator.UNITEDEVV>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Saturn-of-Terre-Haute\SATURNSRV-TH
      Starting test: Connectivity
         The host cc752682-190c-4fd3-b0ce-7664356f4b93._msdcs.unitedevv.com coul
d not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (cc752682-190c-4fd3-b0ce-7664356f4b93._msdcs.unitedevv.com) couldn't
         be resolved, the server name (saturnsrv-th.unitedevv.com) resolved to
         the IP address (10.2.5.2) and was pingable.  Check that the IP address
         is registered correctly with the DNS server.
         ......................... SATURNSRV-TH failed test Connectivity

Doing primary tests

   Testing server: Saturn-of-Terre-Haute\SATURNSRV-TH
      Skipping all tests, because server SATURNSRV-TH is
      not responding to directory service requests

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : unitedevv
      Starting test: CrossRefValidation
         ......................... unitedevv passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... unitedevv passed test CheckSDRefDom

   Running enterprise tests on : unitedevv.com
      Starting test: Intersite
         ......................... unitedevv.com passed test Intersite
      Starting test: FsmoCheck
         ......................... unitedevv.com passed test FsmoCheck

C:\Documents and Settings\Administrator.UNITEDEVV>netdiag

......................................

    Computer Name: SATURNSRV-TH
    DNS Host Name: saturnsrv-th.unitedevv.com
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 6 Model 15 Stepping 13, GenuineIntel
    List of installed hotfixes :
        KB923561
        KB924667-v2
        KB925398_WMP64
        KB925902-v2
        KB926122
        KB927891
        KB929123
        KB930178
        KB932168
        KB933854
        KB936357
        KB938127
        KB938464-v2
        KB941569
        KB943055
        KB943460
        KB944338-v2
        KB944653
        KB945553
        KB946026
        KB948496
        KB950762
        KB950974
        KB951066
        KB951748
        KB952004
        KB952069
        KB952954
        KB954600
        KB955069
        KB955839
        KB956572
        KB956802
        KB956803
        KB957097
        KB958469
        KB958644
        KB958687
        KB959426
        KB960225
        KB960803
        KB960859
        KB961371-v2
        KB961501
        KB967715
        KB968389
        KB968537
        KB969805
        KB970238
        KB971032
        KB971557
        KB971633
        KB971657
        KB972260
        KB972260-IE8
        KB972636-IE8
        KB973346
        KB973354
        KB973507
        KB973540
        KB973815
        KB973869
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : saturnsrv-th
        IP Address . . . . . . . . : 10.2.5.2
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 10.2.5.1
        Dns Servers. . . . . . . . : 10.2.2.20
                                     10.2.5.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{1E55E149-EA33-4ACB-ADAC-F8725B8014BE}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.2.2.20'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.2.5.2'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{1E55E149-EA33-4ACB-ADAC-F8725B8014BE}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{1E55E149-EA33-4ACB-ADAC-F8725B8014BE}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'UNITEDEVV' is to '\\pdawg.unitedevv.com'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed
    [WARNING] Failed to query SPN registration on DC 'farmington-serv.unitedevv.
com'.
    [WARNING] Failed to query SPN registration on DC 'ras-srv.unitedevv.com'.
    [WARNING] Failed to query SPN registration on DC 'SATURNSRV-PLY.unitedevv.co
m'.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

C:\Documents and Settings\Administrator.UNITEDEVV>netdiag
0
 
LVL 7

Accepted Solution

by:
jgpd earned 2000 total points
ID: 26082679
please run netdiag /fix and dcdiag /fix to attempt  to recreate the missing dns records
0
 

Author Comment

by:mmccutch
ID: 26083656
Ok, I ran the fix.  Not sure what dns records I'm looking for?
0
 

Author Comment

by:mmccutch
ID: 26083775
It appears that they are autenicating to the correct server now.  I appreciate the help.  I would still like to know what dns records I'm looking for because I'm not sure what the problem was.  thanks.
0
 
LVL 7

Expert Comment

by:jgpd
ID: 26084072
ok
 look here on this part of the dcdiag

Testing server: Saturn-of-Terre-Haute\SATURNSRV-TH
      Starting test: Connectivity
         The host cc752682-190c-4fd3-b0ce-7664356f4b93._msdcs.unitedevv.com could not be resolved to an         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (cc752682-190c-4fd3-b0ce-7664356f4b93._msdcs.unitedevv.com) couldn't         be resolved, the server name (saturnsrv-th.unitedevv.com) resolved to
         the IP address (10.2.5.2) and was pingable.  Check that the IP address
         is registered correctly with the DNS server.
         ......................... SATURNSRV-TH failed test Connectivity


this record msdcs is your domain,so it seems the dns records  for your DC 10.2.5.2 were missed or  removed
Active Directory creates its SRV records in the following folders,               where Domain_Name is the name of your domain:
Forward Lookup Zones/Domain_Name/_msdcs/dc/_sites/Default-First-Site-Name/_tcp Forward Lookup Zones/Domain_Name/_msdcs/dc/_tcp
In these locations, an SRV record should appear for the               following services:
_kerberos
_ldap

   
now see the netdiag  part

[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.2.2.20'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.2.5.2'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.



when you force  the /fix options then all the missed recorded were recreated successfully,
Regards,
Jose
0
 

Author Comment

by:mmccutch
ID: 26084140
very well, thanks for spending the time to explain.  Very Grateful.  Merry Christmas to all....    

Mark
0
 

Author Closing Comment

by:mmccutch
ID: 31667421
Very grateful for the help.  thanks.
0

Featured Post

Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Learn about cloud computing and its benefits for small business owners.
Loops Section Overview
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question