Re: Active Directory problem
- From: "Jorge de Almeida Pinto" <SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx>
- Date: Tue, 27 Dec 2005 16:51:58 +0100
http://support.microsoft.com/default.aspx?scid=kb;en-us;266651
--
Cheers,
# Jorge de Almeida Pinto #
BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx
-----------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
"Anindya Sen" <AnindyaSen@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0A3E5F7B-3C0B-4701-8A87-2F447D7C58B2@xxxxxxxxxxxxxxxx
> Hi,
> I tried the solution of netdom. But this only adds the machine to the
> domain
> controller but not join the machine to the domain?
> Do I have to again join the machine to the domain after adding the machine
> to the domain controller using this command?
>
> Also, adding the machine can be done manually by adding a machine in the
> particualar AD too? Is this the same. Here the problem is that, the DNS
> does
> not get flooded with the name of the machine ? How to solve this problem?
>
> Your help will be gretly appreciated.
>
> "Jorge de Almeida Pinto" wrote:
>
>> FIRST...
>>
>> In AD you should:
>> * Define sites for those well connected locations that have site aware
>> services (e.g. DCs, Exchange, DFS..)
>> * Define site links and configure their schedule, interval and cost and
>> make
>> the appropriate sites a member of the site link
>> * Define subnets and link a subnet to the appropriate site (You need to
>> define ALL subnets that have Windows clients/servers/DCs.)
>>
>> For locations that are not represented by a site in AD (because they do
>> not
>> have site aware services), link the subnets to the nearest location that
>> is
>> represented by a site in AD.
>>
>> You might also want to configure the DCs in the branch offices not to
>> register domain
>> wide DC locator records (see also: MS-KBQ306602_How to Optimize the
>> Location
>> of a DC or GC That Resides Outside of a Client's Site)
>> Also take a look at the following articles:
>> http://www.windowsitpro.com/Windows/Article/ArticleID/37935/37935.html
>> http://www.windowsitpro.com/Article/ArticleID/40718/40718.html
>>
>> Also see:
>> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/adsrv.mspx
>> http://www.microsoft.com/technet/itsolutions/wssra/raguide/default.mspx
>> (The
>> Directory Service blueprint -> Enterprise Design for Active Directory ->
>> "Designing the Site Topology" section.
>>
>>
>> SECOND...
>>
>> When joining computers (clients or servers) to the domain the process
>> that
>> occurs is described at:
>> http://blogs.dirteam.com/blogs/jorge/archive/2005/12/07/241.aspx. The
>> issue
>> you are experiencing is similar to the "first case described"
>>
>> When joining a computer to a domain, that same computer does not yet know
>> to
>> what site it belongs. Because of that it asks for ALL DCs in the domain
>> (or
>> more accurate: all DCs that have registered the domain wide service
>> records,
>> and by default those are all DCs in the domain). In this case you might
>> get
>> ANY DC were the account is created. Most of times only HUB DCs register
>> domain wide service records or again more accurate non-HUB DCs are
>> prevented
>> from registering domain service records and will register only site wide
>> service records.
>>
>> With the GUI it is not possible to target a specific DC. However, this IS
>> possible is you use NETDOM. See below for the command line options...
>>
>> NETDOM ADD machine /Domain:domain [/UserD:user] [/PasswordD:[password |
>> *]]
>> [/Server:server] [/OU:ou path] [/DC]
>>
>> NETDOM ADD Adds a workstation or server account to the domain.
>>
>> machine is the name of the computer to be added
>>
>> /Domain Specifies the domain in which to create the machine
>> account
>>
>> /UserD User account used to make the connection with the domain
>> specified by the /Domain argument
>>
>> /PasswordD Password of the user account specified with /UserD. A *
>> means
>> to prompt for the password
>>
>> /Server Name of a specific domain controller that should be used
>> to
>> perform the Add. This option cannot be used with the /OU
>> option.
>>
>> /OU Organizational unit under which to create the machine
>> account.
>> This must be a fully qualified RFC 1779 DN for the OU.
>> When
>> using this argument, you must be running directly on a
>> domain
>> controller for the specified domain.
>> If this argument is not included, the account will be
>> created
>> under the default organization unit for machine objects
>> for
>> that domain.
>>
>> /DC Specifies that a domain controller's machine account is
>> to
>> be
>> created. This option cannot be used with the /OU option.
>>
>> --
>> Cheers,
>> # Jorge de Almeida Pinto #
>> BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx
>> -----------------------------------------------------------------------------
>> * This posting is provided "AS IS" with no warranties and confers no
>> rights!
>> * Always test before implementing!
>> -----------------------------------------------------------------------------
>>
>>
>> -----------------------------------------------------------------------------
>> "Anindya Sen" <Anindya Sen@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:8B50CF7D-ADD8-440A-9659-9E27300C20C4@xxxxxxxxxxxxxxxx
>> > Hi,
>> >
>> > We have a 24 location windows 2003 active directory project. Here there
>> > are also some 900 sites which are WAN locations( 64 KBps), which will
>> > connect to these domain controllers.
>> >
>> > The problem is when a machine is this wan locations are joining the
>> > domain, they are not joining the correct domain controller ( DNS is
>> > pointing to the correct domain controller). This is causing a lot of
>> > problems.
>> >
>> > Eg. A machine in site x having IP 10.10.4.5 and dns entry is 10.10.0.5.
>> > 10.10.0.5 is the correct domain controller for the machine( according
>> > to network architecture).
>> >
>> > But when it is joining the domain it is going to some other domain
>> > controller say 10.80.0.5.
>> >
>> > nslookup a.co.in( where a.co.in) is the domain, returns all the ips of
>> > the a.co.in DCs and it keeps on changing( even the first value).
>> >
>> > Please help
>> > Anindya
>> >
>>
>>
>>
.
- Follow-Ups:
- Re: Active Directory problem
- From: Anindya Sen
- Re: Active Directory problem
- References:
- Re: Active Directory problem
- From: Jorge de Almeida Pinto
- Re: Active Directory problem
- From: Anindya Sen
- Re: Active Directory problem
- Prev by Date: Re: Active Directory problem
- Next by Date: Re: Error 6702
- Previous by thread: Re: Active Directory problem
- Next by thread: Re: Active Directory problem
- Index(es):
Relevant Pages
|
