Hey guys, I've just run into a very weird problem, so let's brainstorm on it.
I have 2 offices, A and B, in the same city, linked to each other over an IPsec VPN built with 2 identical firewalls from Zyxel. A is on the *.*.1.0 network, and B is on the *.*.2.0 network. I have a Domain Controller in A to manage all the users in both offices. Before, there was no problem at all, but suddenly, since this Monday, all the users in B can't log in properly to the DC. The login process in office B takes around one hour, and users lose all the network drives, printer privileges etc. assigned by the DC. All the users in office A still have no problem at all. I tried to join a new PC in B to the domain, and it went smoothly, but I can't use it to log in to the domain even with the "administrator" account. The error message is the famous:
Windows cannot connect to the domain either because the domain controller is down or otherwise unavailable or because your computer account was not found.
Note: The only Domain Controller, in office A, is acting as the ADS, DNS and WINS server.
Here are my findings:
1. Any PC in A or B can ping any PC in A and B.
2. Any PC in A or B can ping the DC by its server name.
3. The tracert command shows the correct network path.
4. The nslookup command shows the proper result from any PC in A or B.
5. I unjoined one PC in B successfully, deleted its old computer name in the ADS computer objects, then rejoined it to the domain successfully. But same result.
6. I manually added the DC's server name and IP to the hosts file on a PC in B; no luck.
7. I can use Terminal Services to connect to any PC in A or B from any PC.
8. I removed all the recent server updates and Windows updates...
Please guys, help me out here. I'm really struggling with this weird problem right now.