Solved

AD user created does not appear in other DC users and computers

Posted on 2010-11-11
8
889 Views
Last Modified: 2012-05-10
Single domain-2003 Native mode AD: We created a user on a remote DC. At the headquarters and indeed at any other DC ( apart from the one in question) we cannot see this user in the OU in question in users and computers.

Looking at repadmin /showreps, it all looks fine, replication is regular and i can force a manual rep from sites and services. no Lingering objects, correct amount of objects in sysvol policies- I am scratching my head. all FSMO roles are at HQ.

The user in question cannot login.
0
Comment
Question by:Felicity_Harte
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 27

Expert Comment

by:KenMcF
ID: 34111519
What DC did you run repadmin from?

can you run DCDiag and post results from each DC?
Also a IPConfig /all from each DC.

When you force repl through ADS&S does the object replicate or does it still not show up.

Is this user att he remote location or at the HQ.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34111645
Dcdiag will help out like Ken requested
0
 

Author Comment

by:Felicity_Harte
ID: 34111751
Thanks for your comments. the user was created at remote site in Eastern Europe. I ran Repadmin from HQ DC and remote site DC so both ends. No erorrs all Domain partition replicated.

I am wondering about DNS, there are stacks of Red errors at remote site, but if there were problems repadmin would have picked this up?

I will now do a DCDiag from both ends

many thanks

F
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 1

Expert Comment

by:Jackal_s
ID: 34113236
I have a similar situation only difference is that the other DC is W2K8. Since the day I have joined it and made it a DC, it has never pulled any users created on W2K3. I read some place, that we need to restat the Net Logon service and re-check DNS Setup. It's all down to some DNS misconfiguration I suspect . I am going to try it. Will keep you posted. Try if it works for you.
0
 
LVL 24

Expert Comment

by:Awinish
ID: 34114997
Run repadmin /syncall /AEPD to sync all the domain controller in the forest & see then the user is displaying in other dc.


0
 
LVL 4

Expert Comment

by:Vishal Patel
ID: 34126006
The replication is instantaneous if both the DCs are in single site.
If you have created multiple sites, you need to setup site links for replication of data to work it automatic.
Go through these:
http://technet.microsoft.com/en-us/library/dd277429.aspx
http://www.informit.com/articles/article.aspx?p=21472

If you need more help on site and link creation, revert back.

0
 

Accepted Solution

by:
Felicity_Harte earned 0 total points
ID: 34204540
It was a lingering object on the remote DC. Even though repadmin was reporting success at both ends, I found out that there was some lingering objects on remote DC. I am about to clean these, then the user account should replicate to all other DC's
0
 

Author Closing Comment

by:Felicity_Harte
ID: 34281017
This solution worked.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question