Re: can not log in when 1 DC is down

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

I could see if one dc was down but not both, this is very odd.

I would make sure both are Global Catalog servers for starters, then ...

Run diagnostics against your Active Directory domain.

If you don't have the support tools installed, install them from your server
install disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> dnslint /ad /s "ip address of your dc"

**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's
in the forest. If you have significant numbers of DC's this test could
generate significant detail and take a long time. You also want to take
into account slow links to dc's will also add to the testing time.

If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests
without having to learn all the switch options. The details will be output
in notepad text files that pop up automagically.

The script is located on my website at
http://www.pbbergs.com/windows/downloads.htm

Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.

Description and download for dnslint
http://support.microsoft.com/kb/321045


--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"royst" <royst@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2188DE44-779D-4919-8C87-E952A0C85C26@xxxxxxxxxxxxxxxx
We are haveing issues when ethier 1 of our DC's goes down. No one can
logon
until they are both running. I have DNS running on both and the point to
there own IP as Primary DNS and the other as Secondary DNS. All serfvers
and
Workstations have both DNS entries. Does not matter which Domain
controller
is down when this happens.

Thanks


.

Relevant Pages

  • Re: test domain completely offline.. help
    ... If you don't have the support tools installed, install them from your server install disk. ... Run dcdiag, netdiag and repadmin in verbose mode. ... If you download a gui script I wrote it should be simple to set and run (DCDiag and NetDiag). ... registered etc(which I assume was a symptom of DNS being offline). ...
    (microsoft.public.windows.server.active_directory)
  • Re: netlogon error
    ... Ran netdiag and dcdiag no change. ... Went into AD Sites & Services, under Security added SELF and checked ... > not in DNS and hence not visible in results of the KCC ...
    (microsoft.public.windows.server.security)
  • Re: "DNS name does not exist."(error code 0x0000232B RCODE_NAME_ERROR)
    ... If you don't have the support tools installed, install them from your server ... Run dcdiag, netdiag and repadmin in verbose mode. ... The following error occurred when DNS was queried for the service location ...
    (microsoft.public.windows.server.active_directory)
  • Re: can not log in when 1 DC is down
    ... I would make sure both are Global Catalog servers for starters, ... Run dcdiag, netdiag and repadmin in verbose mode. ... there own IP as Primary DNS and the other as Secondary DNS. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Domain Controller Stops Processing All Login Requests Randomly
    ... But you seem pretty competent and if you have checked all of the DCDiag ... They are both holding the same exact zone. ... DNS is not case sensitive and although NetBIOS ... > "waimea.coe.cudenver.edu" in the server field. ...
    (microsoft.public.windows.server.dns)