Re: Datadomain Windows 2008 DC
- From: Meinolf Weber [MVP-DS] <meiweb(nospam)@gmx.de>
- Date: Tue, 5 May 2009 00:46:26 +0000 (UTC)
Hello skip,
You're dcdiag states you have 6 DC's your first posting 5 DC's, so which one is correct? I assume the dcdiag output.
- IRV-EDC-DC1
- IRV-EDC-DC2
- IRV-EDC-DC3
- IRV-EDC-DC4
- IRV-PQA-DC1
- SCT-MC1-DC1
The DC's are located over 3 sites in AD sites and services:
DC2 and DC4 in IRV-OC1, DC1, DC3 and PQA-DC1 in IRV-OC2 and MC1-DC1 in SCT-MP1.
Netdiag states about DNS problems:
Check the DNS registration for DCs entries on DNS server '10.0.130.101'
[FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for reading.
Check the DNS registration for DCs entries on DNS server '10.0.130.100'
[FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for reading.
[FATAL] No DNS servers have the DNS records for this DC registered.
Make sure that all DC's are listed correct in your dns zones. Additional run dnslint /ad /s "domain controller ip address" and post the output.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
"Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb66223bf8cb9b29a5701b53@xxxxxxxxxxxxxxxxxxxxxxx
Hello skip,
Again check the DC's with diagnostic tools. Also make sure that the
device uses a DNS server, i assume that is needed for it. But agin
without more info's about your domain setup it is a mess to recommend
anything.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
This is the backup appliance i am speaking about, i have no idea how
its configured, what i do know is the device is pointing to 2
different DC, one of which is running Windows 2008. All the All the
FSMO roles are running on windows 2008. If the device is ponted to a
windows 2008 DC it cant authenticate to the domain. It was explained
to me that the device doesnt work with kerberos under windows 2008.
http://www.datadomain.com/company/
"Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb662234a8cb9b113c680fe3@xxxxxxxxxxxxxxxxxxxxxxx
Hello skip,
Device??? So it is not an application whre you talking about?
Please describe more details about datadomain and the integration
in the domain.
Also do run the diagnostic tools, because you wrote about KRB
errors.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
well we dont use WINS so this might explain why the FQDN is
needed,
but
regardless the domain suffix should have been appended. I have
been
told the
device cannot authenticate to a windows 2008 DC, having a hard
time
understanding this though
"Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb66222fe8cb9b04fb678d63@xxxxxxxxxxxxxxxxxxxxxxx
Hello skip,
Check with the diagnostic tools. When you have to use the FQDN
instead of NetBios what was possible before, something is going
strange. Also the name in capitals is not needed normally.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
Hello
I understand i need to check with the vendor as well, but if the
domain and forest are running in windows 2003 native just
because there are windows 2008 DC's in the environment shouldnt
they be handeling authentication and authorization the same way
a Windows 2003 DC does?
Thanks
"Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in
message
news:ff16fb66222d28cb9afdb8cacdc3@xxxxxxxxxxxxxxxxxxxxxxx
Hello skip,
For Datadomain check with the vendor of that application if it
is 2008 compatible.
If you get kerberos errors, please check the DC's event viewer
for errors and run dcdiag /v, netdiag and repadmin /showrepl to
check for errors. To use netdiag on 2008 just copy the
netidag.exe from 2003 to it, will work the same.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no
warranties,
and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
Hello all
I am gradually replacing all of our 2003 DC with 2008 DC.
Right now we have 5 DC's 3 out of the 5 are running Windows
2008. The domain and forest functional levels are at 2003
native. We run a backup device called a "DataDomain" recently
this device stopped authenticating to the domain, and backup
jobs started failing, basically users would get prompted for
creditials when accessing a share on the DataDomain.
I took a network trace using wireshark and i was able to
capture a failed logon attempt when accessing the share. I was
also captured KRB errors. The DataDomain device would send a
AS-REQ to a DC, this DC is running Windows 2003, and it no
FSMO roles on it. the DC would respond with a KRB Error:
KRB5KDC_ERR_C_Principal_Unknown. We were able to add the
device back to the domain by using tying in all caps
DOMAINNAME.COM
Any issues with Windows 2008 DC and Devices like SAN's and
DataDomains?
.
- Prev by Date: Re: Windows XP Logon Domain Selection Matter
- Next by Date: RE: 2008 DC
- Previous by thread: Re: Datadomain Windows 2008 DC
- Next by thread: Re: Datadomain Windows 2008 DC
- Index(es):
Relevant Pages
|
Loading
