| Author | Messages | |
PARRIS
Posts:97
 | | 10/06/2008 6:19 AM |
| A question I meant to ask last week, do you use your internet domain name as the name for your AD domain running in a split brain DNS scenario and perhaps your PC is going external to resolve internal addresses?
Just a thought?
Regards,
Mark Parris
-----Original Message-----
From: "Kamlesh Parmar" <kamleshap@gmail.com>
Date: Fri, 3 Oct 2008 19:29:36
To: <ActiveDir@mail.activedir.org>
Subject: AD: Re: [ActiveDir] Clients Fail To Logon...Eventually!
can you try this ?
Make sure following services are running on client
Netlogon, workstation, remote procedure call, TCP/IP netbios helper
In the properties of the NIC, "microsoft network client" and "file & print
services" are ticked.
try to open \\education.private\netlogon folder
does it open or gives "network path not found" error
On the server side
In the properties of the NIC microsoft network client and " file & print
services" are ticked.
on the WINS tab "Enable netbios over TCP/IP" is ticked.
server service is running.
You are able to access network share "\\education.private\netlogon"
Also, as a last resort check the SMB signing settings in Default DC policy
and Default domain policy. They should match.
-Kamlesh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Argue for your limitations, and sure enough, they're yours.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On Fri, Oct 3, 2008 at 7:16 AM, James Bensley <jwbensley@gmail.com> wrote:
> Update:
> I found an article about giga-bit NIC cards never being too far away from
> my issue (the Event ID 1054). A relating Micro$oft article lead me to
> http://support.microsoft.com/kb/239924
> That talks about adding a registry entry for disabling MediaSense which is
> used for link state detection. What I find interesting is that the DWORD
> value you need to add is called "DisableDHCPMediaSense". After adding this
> registry key and resetting the client machine I was unable to log in to a AD
> account. I was receiving the error message "The system can not log you on
> now because the domain EDUCATION is not available now". I logged in as the
> local admin to check the network connection and back out and then I was able
> to log in as a AD Account? (Not only did I log on but it didn't take 20
> minutes, I had the desktop in 20 seconds!)
>
> I logged out to try another but then I got the same error again about the
> domain being unavailable? So now I have a semi working set up where
> sometimes I can log in and sometimes I can't, also a restart is needed every
> few attempts. Also, sometimes it goes back to the "good-old-ways" and takes
> 20 minutes to log in again? So I have moved from a totally useless set up to
> a fairly useless set up which is no better really?!?!
>
> Back to what I said about "DisableDHCPMediaSense" being an interesting
> name, it would suggest that this only has an effect on computers using DHCP
> which mine are (even though they are static mappings for this particular
> bunch). So I change one of my windows clients to a manually assigned address
> (the same address it would get if it where on DHCP because these are static
> mappings!) and added the registry key and I'm getting the same results,
> mostly logging on fails because the domain is unavailable or they go back to
> taking 20 to log on again.
>
> So that registry key has made a slight difference so can anyone think of
> anything like that relating to the physical set up that could help?
>
> Readers time is greatly appreciated and any response I receive I am also
> greatly thankful for.
>
> Regards,
> Bensley 
>
> 2008/10/3 James Bensley <jwbensley@gmail.com>
>
> To Arun:
>>
>> The results for my service resource records are as follows:
>>
>> C:\Documents and Settings\Administrator>nslookup
>> Default Server: hestia.education.private
>> Address: 10.0.0.4
>> > set type=srv
>> > _ldap._tcp.dc._msdcs.education.private
>> Server: hestia.education.private
>> Address: 10.0.0.4
>> _ldap._tcp.dc._msdcs.education.private SRV service location:
>> priority = 0
>> weight = 100
>> port = 389
>> svr hostname = hestia.education.private
>> hestia.education.private internet address = 10.0.0.4
>>
>> All intact (I had checked these already on the server but I suppose good
>> to check form a client!)
>>
>> To Akomolafe:
>>
>>> Before you setup the AD, how was the XP connecting to the internet?
>>
>> They were part of an old domain which we decided to abandon because it was
>> getting old and slow (the mac clients where also on an old slow setup and
>> thought we would start a fresh with a new more updated set up and merge macs
>> and windows together . So they where connecting though a proxy server,
>> which doesn't exist anymore they are on a direct connection to the internet
>> at the minute via the firewall until I get the domain setup internet access
>> doesn't matter that much.
>>
>>
>>> After you setup AD, did you change anything on the XP machine?
>>
>> No, just unbound them from the old domain and then bound them to the new
>> domain, change the IP addresses slightly, there where on 10.0.0.x/24 before
>> and are again now just different machine numbers.
>>
>>
>>> Did you adjust the list of DNS servers in TCP/IP?
>>
>>
>> Again new setup so new dns server but just a different ip really, old
>> server was 10.0.0.10, new one is 10.0.0.4.
>>
>>
>>> If you type nslookup <Enter>, does it show the IP of one of your new DCs
>>> as THE DNS server?
>>
>>
>> C:\Documents and Settings\Administrator>nslookup
>> Default Server: hestia.education.private
>> Address: 10.0.0.4
>> >
>>
>> As you can see its a yes, this is my trouble everything looks correct but
>> something somewhere is wrong?
>>
>> I have since seen a post about some AMD servers having some sort of driver
>> conflict giving the exact same error to other people on forums etc, I
>> updated mine to the latest version as the DC is an AMD 64 Opteron but again,
>> to no avail everything is running exactly the same?
>>
>> Thanks for the suggestions guys but I'll have to keep looking?
>>
>> Regards,
>> Bensley
>>
>
>
| | | |
|
|