Need your help!! our DC does not accept authentication

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

We have three DCs in our domain, namely DC 'A', 'B', and 'C'. Each DC are
located in differnt location. Currently we have a problem for users in
location 'C'. The users in location 'C' cannot logon to DC 'C', which is
located in the same site. The result of "set" command always return DC 'A'
or 'B' as user's logon server.

This produce performance problems in both user's logon and user's access to
share drive on DC 'C'. We have tried to force logon to DC 'C' but the server
still won't accept any authentication request from the users.

Please help
 
Have u configured your subnets in active directory sites and services
properly?because it cause the same error normally.

It happens when client subnet not configured in AD sites and services
properly and clients go to nearest DC for authentication.

How did u forced to login DOmain C?
--
Muhammad Tariq Ahmed Khan
Systems & Security Administrator
MCSE,MCSA,MCSE Security,CCNA,CISSP
Arab National Bank,
Riyadh,Saudi Arabia
Phone: 00966 1 4029000 Ext 8296
Mobile: 00966 5 08880684
 
I would need more info, but in general terms I would say that you should
look into:

-DNS
-Sites
-GC

Note, with DNS I would say specifically look into the records _MSDCS

Regards,
/Jimmy
 
ttulanan said:
We have three DCs in our domain, namely DC 'A', 'B', and 'C'. Each DC are
located in differnt location. Currently we have a problem for users in
location 'C'. The users in location 'C' cannot logon to DC 'C', which is
located in the same site. The result of "set" command always return DC
'A'
or 'B' as user's logon server.

This produce performance problems in both user's logon and user's access
to
share drive on DC 'C'. We have tried to force logon to DC 'C' but the
server
still won't accept any authentication request from the users.
Click to expand...

The other responses have pretty much covered it so here
is a summary:

Is C a GC (global catalog)?

Check DNS -- all DCs must be properly registered with
DNS and the DNS replicated.

All internal-domain machines must use STRICTLY the
(internal) DNS servers which can resolve these DC names;
make sure all machines use STRICTLY the internal DNS
server (set) on their NIC. That is, don't allow them to mix
in an ISP or other external DNS server.

DCDiag is the primary tool for checking such problems.

Highly likely it is either a GC or DNS issue.
 
Hello
Can you be more especific about your site(s) configuration?
nr of sites, ip subnets, domain controllers, domains, etc.

This locks like a dns issue. check your dns configuration.




Systems Administrator
MCSA + Exchange

Herb Martin said:
ttulanan said:
We have three DCs in our domain, namely DC 'A', 'B', and 'C'. Each DC
are
located in differnt location. Currently we have a problem for users in
location 'C'. The users in location 'C' cannot logon to DC 'C', which is
located in the same site. The result of "set" command always return DC
'A'
or 'B' as user's logon server.

This produce performance problems in both user's logon and user's access
to
share drive on DC 'C'. We have tried to force logon to DC 'C' but the
server
still won't accept any authentication request from the users.
Click to expand...

The other responses have pretty much covered it so here
is a summary:

Is C a GC (global catalog)?

Check DNS -- all DCs must be properly registered with
DNS and the DNS replicated.

All internal-domain machines must use STRICTLY the
(internal) DNS servers which can resolve these DC names;
make sure all machines use STRICTLY the internal DNS
server (set) on their NIC. That is, don't allow them to mix
in an ISP or other external DNS server.

DCDiag is the primary tool for checking such problems.

Highly likely it is either a GC or DNS issue.


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
Please help
Click to expand...
Click to expand...
 
Back
Top