Re: DNS-AD integration
- From: Meinolf Weber <meiweb(nospam)@gmx.de>
- Date: Mon, 17 Nov 2008 06:52:29 +0000 (UTC)
Hello Yeo,
You should always have all DC's up and running and if they are down bring them up again ASAP.
On the client open a command prompt and type "set". In the output you have the LOGONSERVER.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
"Ace Fekay [Microsoft Certified Trainer]" wrote:
In news:A5EC39ED-779D-4767-A9C7-80324093F398@xxxxxxxxxxxxx,Thanks Acer and Weber for the reply.
Yeo <Yeo@xxxxxxxxxxxxxxxxxxxxxxxxx> requesting assistance, typed the
following:
Thanks Weber,To add to Meinolf's excellent response, when pinging an Active
See inline.
"Meinolf Weber" wrote:
Hello Yeo,Pinging to the domain name when one of domain controller is down:
See inline.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
I have set up two servers (abc and xyz) and promote them to becomeIf you ping a domainname you can get a reply or not. This does not
domain
controllers with domain name say tamkprod-add.test.com
I have also set up AD-integrated DNS in both of these servers.
Question 1:
When I shut down one of the domain controllers, sometimes I get
request
timout when I do a ping to the domain name tamkprod-add.test.com.
At
this
point of time, when I join a client machine to the domain, I am
able
to
successfully join to the domain even when the domain name shows
request
timeout. Why is this so?
Any website for further reading in this area?
belong
to a special server. If you have more subnets you can get also an
answer
from a server from a different subnet. Pinging the domainname is
not
really
a reliable option to check connectivity, choose the domain
controller name's or ip address.
sometime I can get reply and sometime I get request timeout. My
guess is when the domain name TTL is expired, the domain name will
use the first domain controller ip address. When the next TTL is
expired, the domain name will use the second domain controller ip
address even if the second domain controller is shutdown.
Directory domain name, it will be resolving the "(same as parent)"
host name. This is also called the LdapIpAddress. Every DC in a
domain will register this name. It is used by numerous services,
including when a client machine runs the GetGpoList function at boot
and/or logon to query for GPOs that it must apply. If any DC is down,
or if Sites are enabled, and a DC is down in it;s respect site, and
it happens to resolve to that IP, then that specific function in my
example will not run and generate Eventlog errors (103 & 1058 in this
case), It will use DNS Round Robin to resolve it. When you pinged it,
you just happend to get the IP of the powered down DC, unless of
course the DC never registered properly. Check DNS to make sure they
are registered.
Also, the GC service is running on one of the DCs, which is a
required service. If you've powered down this DC, it will cause other
issues.
All DCs in an AD domain MUST always be running. There is really no
other option.
Also, make absolutely sure that both DCs and all clients are ONLY
using the internal DNS (assuming both DCs are DNS servers?) in your
AD infrastructure. Configure a Forwarder in DNS properties
(Forwarders Tab) on each DC/DNS to point to an ISP to increase
efficiency for internet name resolution.
btw - WINS is not used by Active Directory. NT4 did in the past, but
AD doesn't work that way.
Joining a machine can be done by specifying the domain name in one or
two ways. One as the NetBIOS name, such as "DOMAIN" and the other as
the FQDN, such as 'domain.com.' If you chose the NetBIOS method, and
a DC is local on the subnet, it will grab the first available DC that
responds. If using FQDN, it will resolve that in DNS and if you get
the one powered down, the join process will fail.
--?
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCT Microsoft
Certified Trainer
For urgent issues, you may want to contact Microsoft PSS directly.
Please check http://support.microsoft.com for regional support phone
numbers.
I have query pertaining to the Acer last statement:
"If using FQDN, it will resolve that in DNS and if you get the one
powered
down, the join process will fail."
Does this means that there is no way to prevent it from happening,
except to make sure that you have to recover the powered down DC asap?
How do you know which domain controller the client machine is using
currently, by pinging to domain name to see which DC it is using ??
.
- Follow-Ups:
- Re: DNS-AD integration
- From: Ace Fekay [Microsoft Certified Trainer]
- Re: DNS-AD integration
- From: Yeo
- Re: DNS-AD integration
- References:
- Re: DNS-AD integration
- From: Yeo
- Re: DNS-AD integration
- Prev by Date: Re: DNS-AD integration
- Next by Date: Re: DNS-AD integration
- Previous by thread: Re: DNS-AD integration
- Next by thread: Re: DNS-AD integration
- Index(es):
Relevant Pages
|
