?
Solved

Domain Controller in same VLAN do not take pat in authentication

Posted on 2011-09-13
14
Medium Priority
?
448 Views
Last Modified: 2012-05-12
Its a DR site 4th DC .
Global Catalog > yes.
AD integrated DNS > yes
pinging from client .09ms successful.

loging from client fails to login , the message I am getting is
"System can not log you on because the domain <my domain name> is not available

FYI the same client can login in main site , there is no problem in client . DC is not responding,

OS : windows 2003 Server  enterprise edition with SP2 ( domain controller)
client : xp pro sp3.
0
Comment
Question by:sulu999
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 5
14 Comments
 

Author Comment

by:sulu999
ID: 36528435
does it need to run dcpromo again ??
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 36528450
Have you run a dcdiag on the problem DC?

i.e. dcdiag /v /c /f:dcdiag.txt
0
 

Author Comment

by:sulu999
ID: 36529458
Hi

i have found out that the "netlogon " and "SYSVOL" shares are missing ,  if I create manually then the dcdiag test is passing but after rebooting these shares vanishes.

What could be the cause .


FYI
I had configured the DFSR between two file servers in the same AD.  my three domain controllers are fine.

which are in a.b.c.0 network the 4th Dc is in a.b.y.0 network across two firewalls
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 21

Expert Comment

by:snusgubben
ID: 36530853
Have you checked for errors in the FRS (or DFSR) event log?
0
 

Author Comment

by:sulu999
ID: 36531222
Hi

now server has stoped login ; domain controller for this domain can not be found.

what I did , I will update you . I had restored the old syslog backup . and rebooted . so finally it killed the AD .


Now guide me how to reinstall the same DC04 ,

1) way to remove the dc04 from existing setup .
2) installing new machine and dcpromo .  

OR can I get it back by some other way ???

0
 

Author Comment

by:sulu999
ID: 36531241
Hi

SYSVOL backup not syslog   correction
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 36534182
You have a DR site with 4 DCs, and DC04 is not working?

Can you log into DC04?

It's "common" that DCs are missing SYSVOL, and it is normally easy to get back. You should not create the share yourself. The NtFrs service should create the folders, while Netlogon service should share it out.

If you want to uninstall it: dcpromo /forceremoval
To remove DC04 from the domain: http://www.petri.co.il/delete_failed_dcs_from_ad.htm

0
 

Author Comment

by:sulu999
ID: 36534323
Hi

where should I run dcpromo /forceremoval ?/

on dc01,02,03 because DC04 is dead.  or I should start second option as per given link?

with rgds
sulu999

0
 
LVL 21

Expert Comment

by:snusgubben
ID: 36534595
If DC04 is dead, you only need to run a Metadata clean from a working DC (to remove DC04 out of the domain).
0
 

Author Comment

by:sulu999
ID: 36541824
Hi

good  news . I left the server running but it was not authenticating pop up was " Domain name not does  not exist"

Surprisingly now it is allowing me to login but still netlogon and sysvol shares are missing .

the error in other DC is 13565 ,  


How can I get the shares on DC04 ???
0
 

Author Comment

by:sulu999
ID: 36541833
I am waiting for your feed back .

there is some registry fix for BurFlags  to set it to D4 on one and rest as D2.  how is this???
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 36541846
You should verify that the DC04 points to a valid DNS (on the nic), then you could try a non-authoritative restore of SYSVOL (Burflags = D2).

http://adfordummiez.com/?p=61
0
 

Accepted Solution

by:
sulu999 earned 0 total points
ID: 36555498
It does not work , I have cleaned metadata and reinstalling the server.

thanks for your kind support.
0
 

Author Closing Comment

by:sulu999
ID: 36579019
partially helpful,  after all its Microsoft as you know .
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question