Heh heh, bark and stuff. ;)
Let's see, of the three DCs, only two have access to domain security settings, but both do indeed suffer the same error.
Printable View
Heh heh, bark and stuff. ;)
Let's see, of the three DCs, only two have access to domain security settings, but both do indeed suffer the same error.
thats odd....
shall we go to basic troubleshooting?
get one of the servers (lets suppose its Server1)
go to DNS Server (that hold AD Structure) and see if A record is presented there
ipaddress A server1.addomain.com
check if ip adddress match if server1 ip address.
At server1 ip configuration:
be sure that domain name (dns property) is addomain.com (as you have defined on AD)
but is really odd.
a lot of things should not work too. not just snapin.
that message use to be that thing. You misconfigured AD server and it cant contact itself. dont blame me. its a microsoft idea...
Ah, but odd problems have a tendancy of finding me. ;)
Well, all that checks out ok, except for one minor discrepency -- the domain (named HIFS) does not have the ".com" suffix. So nowhere in the network do you see "HIFS.com", only "HIFS". In other words, all machine names are "NAME.HIFS" as opposed to "NAME.HIFS.COM".
I haven't thought that to be a big deal since it's been that way since the beginning, and has caused us no problems. However, I have read in MS articles in the past that lacking the ".com" can cause some communication problems. Could that be the culprit somehow? I doubt it since we've made it this far without it, but I'm open to anything.
I have been told about, but, like you, some AD structures that i have deployed use the same ideas as yours. The important thing is that AD domain name is connected to a DNS domain name (that use to be the same one) and servers domain name must match on that structure. When servers request AD (and other) functions, they locate those service thru DNS service (no more WINS - thanks GOD). If you have a discrepancy on that, you may experience some problems, such networks errors or lag.
When your saying that domain name is "HIFS" you are refering to AD domain name, right? that one you can see on AD snap in..
Yes, it is indeed so with AD snap in.
So I wasn't aware that there's a difference between DNS domain and AD domain. These are not necessarily one in the same? What's the difference?
my bad. i ve passed you a wrong idea.
____________________________________
When you install AD, you are asked for 2 names:
a) AD name, in the "dns" form - like abc.com <-- this name will be used to create a DNS zone, so AD NAME is EQUAL then DNS domain name
b) a nt domain like, for compatibility with old versions domains (NT Domains). Usually, if AD name is "abc.net", nt domain will be "abc". But it may be diferent
_______________________________________
Now, back to to subject. I was talking about "server" domain name. it can be slighty different from AD dns name. I.E. you can put all servers in a subdomain.
When u r acessing AD schema, all names are "resolved" thru DNS. Is that why i asked you about entried on DNS. If one is wrong, odd things happens
__________________________________________
Gotcha, I get it now. Well first then, for simplicity's sake we only have one domain for the entire office (we're only working within the range of 20 computers give or take, so the one general domain is sufficient). So everything, servers and workstations, is on the HIFS domain.
So second, I have been catching some DNS problems. I had a few workstations stop communicating with the others. For instance, one couldn't access the printer of another because access was denied. It took me a bit to figure out what was going on, but it turned out that the IP shown for the machine in DNS was different than the one shown as leased out to it in AD. Once I fixed that, it worked fine. There have been a few instances of that.
I believe I may have found something else. In DNS Forward Lookup Zone, Host (A) has an IP address that is inactive (does not respond to ping nor is assigned to any server/workstation). What should that be set to? The DNS server's IP perhaps?
/edit -- There are 8 other similar host files in there, all with different IPs. I'm kinda in foreign territory here, not sure what all of that means just yet.
/edit -- Discovered something that definately is messed up. As it turns out. A number of machines have one IP shown in DNS, and another shown in DHCP. I'm trying to fix those right now.
Make sure your machimes are set to dynamically update the DNS server and make sure the server is set to accept dynamic DNS updates. It sounds like some of them aren't. If you are using pre-Win2k you need to d/l an updater patch from M$, win2k & WinXP are able to do this natively.
Do you mean set each machine to have it's IP automatically configured rather than manually assigned? We do indeed have some that have automatically detected IPs and others that are configured manually.