2 Problem

I forget to write that the domain is 2008 R2

Strange DNS IP address (not private). Looks like public. All DNS server on clients should point to internal DNS servers. PLease ensure that you didn't make mistake )6 is near 7) during DNS set up (DHCP or statically)

Regards,
Krzysztof

are the DNS servers for your domain operational ?

and what is providing your clients with DNS information, DHCP ? is this set correctly with the DNS servers for your AD domain (generally the DC's ).

iSiek:
Strange DNS IP address (not private). Looks like public. All DNS server on clients should point to internal DNS servers. PLease ensure that you didn't make mistake )6 is near 7) during DNS set up (DHCP or statically)

Regards,
Krzysztof

The IP range of the lan 172.17.100.0 full class c

woolnoir:
are the DNS servers for your domain operational ?

[b] Yes [/b]

and what is providing your clients with DNS information, DHCP ? is this set correctly with the DNS servers for your AD domain (generally the DC's ).

All the lan are fixed ip & i double checked the dns setting - all defined correctly

start nslookup, and then once started (and you will get the above error message) type the name of one of your DC's just to verify that it isnt providing resolution.

Do client machines have FW software installed ? try switching off and testing nslookup too.. just to check it isnt stopping DNS requests.

And does the server have any FW enabled ? (the DC/DNS if they are the same ? )

woolnoir:
start nslookup, and then once started (and you will get the above error message) type the name of one of your DC's just to verify that it isnt providing resolution.

The problem is appending in the init start of the nslookup if you try to resolve it working.

run a DCDIAG on the DC and paste the results..

woolnoir:
Do client machines have FW software installed ? try switching off and testing nslookup too.. just to check it isn't stopping DNS requests.
And does the server have any FW enabled ? (the DC/DNS if they are the same ? )

on all the machines the firewall is disabled
the DC/DNS 2 machines

cool - the DCDIAG should identify any DNS or domain issues... lets see the output :)

The DCDIAG Result

it would have been better to give us it in text format, i.e

dcdiag > output.txt

and post that...

Does it give any errors at all ?

dc.txt

have you installed updates recently ? or made any configuration changes to the BDC or DC ?

This a closed lan not connected to the world
no changes as been made between the DC's

Anything in the event log on the DC ? the DCDiag is suggesting that the KDC is having issues.

Here are the files.
 OLIVEMT-DC-date-of-test1.txt w1-date-of-test1.txt

I didnt see any kdc problem in the eventlog