Re: client logon slow when 1 DC is down
- From: steve <steve@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 26 Mar 2006 23:35:01 -0800
Hi Paul,
i notice when i run dcdiag.. the result for my dc2 name resolution is
"10.2.1.68 (<name unavailable>) [Valid]" .
Do u know what is the cause?
Below is the dcdiag DNS test output:
Starting test: DNS
Test results for domain controllers:
DC: dc1.stengg.corp
Domain: stengg.corp
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003, Standard Edition
(Service Pack level: 1.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000001] Intel(R) PRO/1000 MT Network Connection:
MAC address is 00:14:22:16:DA:25
IP address is static
IP address: 10.2.1.69
DNS servers:
10.2.1.69 (dc1.stengg.corp.) [Valid]
10.2.1.68 (<name unavailable>) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found
(primary)
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
165.21.100.88 (<name unavailable>) [Valid]
165.21.83.88 (<name unavailable>) [Valid]
TEST: Delegations (Del)
Delegation information for the zone: stengg.corp.
Delegated domain name: _msdcs.stengg.corp.
DNS server: dc1.stengg.corp. IP:10.2.1.69 [Valid]
TEST: Dynamic update (Dyn)
Dynamic update is enabled on the zone stengg.corp.
Test record _dcdiag_test_record added successfully in zone
stengg.corp.
Test record _dcdiag_test_record deleted successfully in
zone stengg.corp.
TEST: Records registration (RReg)
Network Adapter [00000001] Intel(R) PRO/1000 MT Network
Connection:
Matching A record found at DNS server 10.2.1.69:
dc1.stengg.corp
Matching CNAME record found at DNS server 10.2.1.69:
7dcd6966-1adc-4f0e-be4f-809304b2a8f0._msdcs.stengg.corp
Matching DC SRV record found at DNS server 10.2.1.69:
_ldap._tcp.dc._msdcs.stengg.corp
Matching GC SRV record found at DNS server 10.2.1.69:
_ldap._tcp.gc._msdcs.stengg.corp
DC: dc2.stengg.corp
Domain: stengg.corp
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003, Standard Edition
(Service Pack level: 1.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000001] Intel(R) PRO/1000 MT Network Connection:
MAC address is 00:14:22:16:D9:E9
IP address is static
IP address: 10.2.1.68
DNS servers:
10.2.1.68 (<name unavailable>) [Valid]
10.2.1.69 (dc1.stengg.corp.) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found
(primary)
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
165.21.100.88 (<name unavailable>) [Valid]
165.21.83.88 (<name unavailable>) [Valid]
TEST: Delegations (Del)
Delegation information for the zone: stengg.corp.
Delegated domain name: _msdcs.stengg.corp.
DNS server: dc1.stengg.corp. IP:10.2.1.69 [Valid]
TEST: Dynamic update (Dyn)
Dynamic update is enabled on the zone stengg.corp.
Test record _dcdiag_test_record added successfully in zone
stengg.corp.
Test record _dcdiag_test_record deleted successfully in
zone stengg.corp.
TEST: Records registration (RReg)
Network Adapter [00000001] Intel(R) PRO/1000 MT Network
Connection:
Matching A record found at DNS server 10.2.1.68:
dc2.stengg.corp
Matching CNAME record found at DNS server 10.2.1.68:
628f866b-f24b-4c9b-9d08-7a5f179c8d1c._msdcs.stengg.corp
Matching DC SRV record found at DNS server 10.2.1.68:
_ldap._tcp.dc._msdcs.stengg.corp
Matching GC SRV record found at DNS server 10.2.1.68:
_ldap._tcp.gc._msdcs.stengg.corp
Matching PDC SRV record found at DNS server 10.2.1.68:
_ldap._tcp.pdc._msdcs.stengg.corp
Matching A record found at DNS server 10.2.1.69:
dc2.stengg.corp
Matching CNAME record found at DNS server 10.2.1.69:
628f866b-f24b-4c9b-9d08-7a5f179c8d1c._msdcs.stengg.corp
Matching DC SRV record found at DNS server 10.2.1.69:
_ldap._tcp.dc._msdcs.stengg.corp
Matching GC SRV record found at DNS server 10.2.1.69:
_ldap._tcp.gc._msdcs.stengg.corp
Matching PDC SRV record found at DNS server 10.2.1.69:
_ldap._tcp.pdc._msdcs.stengg.corp
thanks,
steve
"Paul Bergson" wrote:
Does your clients dns entries have both DC's defined? It sounds like you.
only have 1 of them and you are logging on with cached credentials.
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
http://www.pbbergs.com
This posting is provided "AS IS" with no warranties, and confers no rights.
"steve" <steve@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BB933D57-A1C4-4F5E-B546-42B04B472C82@xxxxxxxxxxxxxxxx
Hi,
i have an AD setup which goes like this:
DC1 - DFS
DC2 - with FSMO roles / DFS
Both DCs' DNS pointing to itself
Login script via netlogon
XP/2k Client - using DHCP. primary DNS pointing to DC1. secondary is DC2
When i shutdown DC1, i tested client login to domain. after login, it is
getting very slow when running the login script or even at times the login
script did not run at all.
If i click on 'my computer', i will see a blank white page instead of the
indow to see 'local drive & network drive'.
Why is that so? normal?
steve
- References:
- Re: client logon slow when 1 DC is down
- From: Paul Bergson
- Re: client logon slow when 1 DC is down
- Prev by Date: Re: CAN WE LOGIN TO A WINDOWS 2003 ACTIVE DIRECTORY DOMAIN OVER TH
- Next by Date: Re: CAN WE LOGIN TO A WINDOWS 2003 ACTIVE DIRECTORY DOMAIN OVER TH
- Previous by thread: Re: client logon slow when 1 DC is down
- Next by thread: Re: RPC and IPSec
- Index(es):
Relevant Pages
|
Loading
