One Child domain permitting multiple SAM/UPN Usernames

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hello,

We were experiencing a weird problem yesterday when we tried to do a search
of the "entire directory" we were getting no results. When I ran a find in
the root domain (which got results) then went back to the "entire directory"
I got results. At this same time we had a problem with another child domain
that could not authenticate to any of the servers in our child domain. When
I had them run the "find, root", then "find, entire directory" this resolved
the problem. Does anyone have any idea what's going on here?

We rebooted the GC of the root domain and this seemed to resolve the
problem, but we in our domain still have another one. We can add duplicate
accounts which we shouldn't be able to. The other child domain doesn't have
the problem.

I've looked high and low and haven't found a tool that is focused on
maintaining the GC specifically. I'm also puzzled as to why, with all the
GC's we have in our enterprise, another GC didn't pick up the ball if the
root DC/GC dropped it. Does anyone know of any good program to monitor
granular aspects of the GC, it's health, status, contents, completess, etc?

I have looked for GUI tools to monitor the health, status, and
responsiveness?
 
GC just have a read only copy of the objects with a few attributes. If the
root GC is off the network do you have problems in your domains? Are we in
Natvie Mode.

Gc events are logged in the DS event log and most start at 1110 and above.
Each machine should have posted a 1119 when it became a GC.

There is a situation where a GC is promoted but before it finishes receiving
replication another promoted GC attempts to source from the first promoted
GC. This can cause the second promotion to never succeed.
 
- said:
Hello,

We were experiencing a weird problem yesterday when we tried to do a search
of the "entire directory" we were getting no results. When I ran a find in
the root domain (which got results) then went back to the "entire directory"
I got results. At this same time we had a problem with another child domain
that could not authenticate to any of the servers in our child domain. When
I had them run the "find, root", then "find, entire directory" this resolved
the problem. Does anyone have any idea what's going on here?

We rebooted the GC of the root domain and this seemed to resolve the
problem, but we in our domain still have another one. We can add duplicate
accounts which we shouldn't be able to. The other child domain doesn't have
the problem.

I've looked high and low and haven't found a tool that is focused on
maintaining the GC specifically. I'm also puzzled as to why, with all the
GC's we have in our enterprise, another GC didn't pick up the ball if the
root DC/GC dropped it. Does anyone know of any good program to monitor
granular aspects of the GC, it's health, status, contents, completess, etc?

I have looked for GUI tools to monitor the health, status, and
responsiveness?
Click to expand...

It almost sounds like you having trouble with the DC that holes the RID
Master role to. Cuz the RID is is what assigns you know the rid blocks to
DC's to ensure there is no naming conflicts.
 
Back
Top