Re: Very Critical issue

Tech-Archive recommends: Fix windows errors by optimizing your registry

Correct, time is very important n AD environments to validate Kerberos and replication. Correct that and check if the same happens. Let's know the results.

--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
"Sukhwinder Singh" <SukhwinderSingh@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:5724E9D1-5EEC-45BA-9070-BAA2A3984100@xxxxxxxxxxxxxxxx

Hi Jorge,

We do have WINS setup in both the domains. DNS is installed in all the DC's
and workstations are configured to connect to the local DNS servers in site.

When we Ping using netbios or host name we are getting proper response.

We have found one more thing that after logging to PDC in a.com and opening
dsa.msc when we are trying to connect to b.com domain we are getting the error

"windows cannot connect to the new domain no authority could be contacted
for authentication"

We have checked and found that there is time difference of more than 5 mins
between both the domains.

Please confirm if the issue can happen due to time difference in both the
domains as it is more than 5 mins.

Sukhwinder Singh




Regards,
"Jorge Silva" wrote:

Hi
-Did you follow my last post?
-Do you have WINS? How DNS is configured in Workstations/Servers and DCS?

- If you ping that server using \\servername, what results do you get? and
if you ping using the FQDN \\servername.domain.com what results do you get?



--
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
"Sukhwinder Singh" <SukhwinderSingh@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:B99556BD-761C-4DA8-8B4A-3FDBD8B516EF@xxxxxxxxxxxxxxxx
>
> Hi Jorge,
>
> We have checked DNS and Domain functionality using DCDIAG AND NETDIAG > and
> could not find any error. In one of the servers the issue is resolved > by
> restarting the file server.
> We have logged into another file server and checked the acl of the > shared
> folders. I was surprised to see that the acl contains some unresolved
> SID's
> from the other domain. We have previously done security translation on
> these
> servers to add the users from both the domains.
>
> The users from the domain in which the server is added are showinf fine
> but
> users from other domain are showing as unresolved SID's
>
> Will there be any issue with secure channel. Kindly let me know how to
> verify secure channel in windows 2000 file server.
>
>
>
> "Jorge Silva" wrote:
>
>> Hi
>> This is generally caused by bad DNS configuration, make sure that BOTH
>> ends
>> can resolve eachother by DNS, then do the test using
>> \\servername.domain.com. Also check WINS (assuming different subnets)
>> when
>> using \\servername instead of \\servername.domain.com.
>>
>> -- >> I hope that the information above helps you.
>> Have a Nice day.
>>
>> Jorge Silva
>> MCSE, MVP Directory Services
>>
>> Please no e-mails, any questions should be posted in the NewsGroup
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>> "Sukhwinder Singh" <SukhwinderSingh@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote >> in
>> message news:193C9E8A-E7EA-4B0A-AD78-64C8CC6E55E5@xxxxxxxxxxxxxxxx
>> > Dear All,
>> >
>> > We are facing serious issue in our Active Directory network. We have >> > 2
>> > forests and there is forest trust between both the forests. There is >> > a
>> > file
>> > server in domain a.com and the users are in domain b.com. When the
>> > users
>> > are
>> > trying to access the file server as \\servername they are getting >> > the
>> > error
>> > as below
>> >
>> > "\\servername is not accessible. You might not have permission to >> > use
>> > this
>> > network resource. Contact the administrator of this server to find >> > out
>> > if
>> > you
>> > have access permissions.
>> >
>> > There are currently no logon servers available to service the logon
>> > request."
>> >
>> > This issue is very critical as no one is able to access the shared
>> > drives.
>> >
>> > We are in the process of domain consolidation, so many of the users
>> > have
>> > already been migrated to b.com domain but the servers are still in
>> > a.com.
>> >
>> > Need urgent help on the same.
>> >
>> > Would be very grateful
>> >
>> > Sukhwinder singh
>> >
>> >
>>


.

Relevant Pages

  • Re: Forworders or Root Hints?
    ... root hints and forwarders are methods of doing this. ... As long as it isn't my internal DNS I'm fine with that, ... "Jorge Silva" wrote: ... internal network)" You can have your own Cache only DNS server without ...
    (microsoft.public.windows.server.dns)
  • Re: Adding second DNS on second domain controller
    ... MCSE, MVP Directory Services ... "Jorge Silva" wrote: ... If you select the DNS server using DNS console snapin in the right ...
    (microsoft.public.windows.server.dns)
  • Issues migrating SBS 2003 domain to Server 2008 Standard
    ... We are stuck migrating our SBS 2003 domain to Server 2008. ... Fatal Error:DsGetDcName (SRV-EXCH) call failed, ... Verify your Domain Name Sysytem (DNS) is ... network connectivity to a domain controller. ...
    (microsoft.public.windows.server.sbs)
  • Re: AD management snap in cannot find DC (netdiag /v workstation)
    ... The name.local entries are used by my apache server to implement ... change button, more button, the "Primary DNS suffix of this ... Attr: subschemaSubentry ... Owner of the binding path: ...
    (microsoft.public.windows.server.active_directory)
  • Re: Add a Remote Office to our Corporate Windows 2003 Domain Netwo
    ... "Jorge Silva" wrote: ... My corporate 2003 DC server i create a new site for the remote office. ... Make sure that this setup of DNS ...
    (microsoft.public.windows.server.active_directory)