This all looks good, but without seeing the ipconfig /all from both dc's and
a client I can't positively say yeah it is setup. I'll just take your word
for it.
Run diagnostics against your Active Directory domain.
If you don't have the support tools installed, install them from your server
install disk.
d:\support\tools\setup.exe
Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> ntfrsutl ds your_dc_name > c:\sysvol.log
-> dnslint /ad /s "ip address of your dc"
**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's
in the forest. If you have significant numbers of DC's this test could
generate significant detail and take a long time. You also want to take into
account slow links to dc's will also add to the testing time.
If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests without
having to learn all the switch options. The details will be output in
notepad text files that pop up automagically.
The script is located on my website at
http://www.pbbergs.com/windows/downloads.htm
Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)
When complete search for fail, error and warning messages.
Description and download for dnslint
http://support.microsoft.com/kb/321045
--
Paul Bergson
MVP - Directory Services
MCITP - Enterprise Administrator
MCTS, MCT, MCSE, MCSA, MCP, Security +, BS CSci
2008, Vista, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewGroups. This
posting is provided "AS IS" with no warranties and confers no rights.
"Andrew" <> wrote in message
news:...
> The DC's have the Primary DNS looking at themselves at the Secondaries
> looking at each other.. in other words:
>
> DC1 IP: 10.0.2.1
> DC2 IP: 10.0.2.2
>
> DC1 Primary DNS: 10.0.2.1
> DC1 Secondary DNS: 10.0.2.2
>
> DC2 Primary DNS: 10.0.2.2
> DC2 Secondary DNS: 10.0.2.1
>
>
> All client machines are using DC1 and 2 for DNS via DHCP from DC1.. now
> this answers why netlogon MAY occur if DC1 goes down in the domain as some
> users may lose IP address settings if its down long enough but doesn't
> explain why DC2 would start getting netlogon since its static and looking
> at itself.
>
> "Paul Bergson [MVP-DS]" <> wrote in message
> news:...
>> Agree with the others. Verify that the nic settings on the two dc's as
>> well as the clients have references to both dns servers.
>>
>> If you are unssure post an ipconfig /all from both dc's and a client and
>> we can take a look at your settings.
>>
>> --
>> Paul Bergson
>> MVP - Directory Services
>> MCITP - Enterprise Administrator
>> MCTS, MCT, MCSE, MCSA, MCP, Security +, BS CSci
>> 2008, Vista, 2003, 2000 (Early Achiever), NT4
>> Microsoft's Thrive IT Pro of the Month - June 2009
>>
>> http://www.pbbergs.com
>>
>> Please no e-mails, any questions should be posted in the NewGroups. This
>> posting is provided "AS IS" with no warranties and confers no rights.
>> "Andrew" <> wrote in message
>> news:...
>>> I'm having an issue with PDC Emulation. I have two domain controllers in
>>> an AD Integrated Zone. Both DC's are set as Global Catalogs yet for some
>>> reason if the PDC Emulator goes offline, all authentication in the
>>> domain goes dead and I get netlogon errors across all systems. I even
>>> saw a netlogon error in the second domain controller. I'm not sure why
>>> this happens as both DC's are global catalogs. Can anyone shed some
>>> light?
>>
>>
Similar Threads
Linear Mode
