Telephone: (480) 722-1227 Toll Free: (888) 722-1227
  Email - Contact
  Register Login   |   Knowledge Base  >  Knowledge Base Systems  >  Windows  >  Active directory troubleshooting   |   Saturday, July 31, 2010 search:    
Home
       testrssmain
Knowledge Base
       Research
Support
Contact
Unanswered Active Topics Forums Search Members
Active directory troubleshooting
Last Post 28 Jul 2008 09:47 PM by Chris Muench. 3 Replies.
Printer Friendly
Sort:
PrevPrev NextNext
You are not authorized to post a reply.
Author Messages
Vigilant CIOUser is Offline
Basic Member
Basic Member
Posts:353

--
05 Aug 2007 10:38 AM  
TechNet Home > Community > Events > TechNet Events Repository

Windows Server 2003 Active Directory Diagnostics, Troubleshooting, and Recovery

Updated: 19/03/2003

This session covers verifying Active Directory functionality, diagnosing and troubleshooting replication, locating Active Directory database files, backing up and recovering system state data, and seizing FSMO roles.

*
On This Page

Session Agenda Session Agenda
Session Materials Session Materials
Related Resources Related Resources

Session Agenda

Verifying Active Directory Functionality

Diagnosing and Troubleshooting Replication

Locating Active Directory Database Files

Backing Up and Recovering System State Data

Seizing FSMO Roles

Session Materials

This session consists of aWindows Media presentation and the following demonstrations:

1.

Verifying Active Directory FunctionalityLearn common steps to take when troubleshooting Active Directory or Domain Controller problems, including turning up Active Directory error logging, verifying DNS records, and using utilities such as DCDiag.exe and NETDOM.exe to verify the status of domain controllers.

2.

Diagnosing and Troubleshooting ReplicationLearn how to use the REPLMON and REPADMIN utilities to illustrate replication in an Active Directory domain.

3.

Locate and Show Active Directory Database FilesLearn how to locate and show Active Directory database files.

4.

Backup and RecoveryThis demonstration shows how to backup and restore the Active Directory database, and how to perform an authoritative restore of Active Directory data.

5.

Seizing FSMO Roles Learn how to use the Active Directory Replication Monitor to view the low-level status of Active Directory replication, force synchronization between domain controllers, view the topology, and monitor the status and performance of domain controllers.

Related Resources

Use the following resources to learn more about topics covered in this briefing.

Links

Windows Server 2003 Technical Reference

Active Directory Disaster Recovery

Active Directory Operations Guide

318340 - HOW TO: Verify That Active Directory Partitions Are Replicated Properly on All Domains in Windows 2000

298448 - Windows 2000 DNS and Active Directory Information and Technical Resources

315136 - HOW TO: Complete a Semantic Database Analysis for the Active Directory Database by Using Ntdsutil.exe

Chapter 10 - Active Directory Diagnostics, Troubleshooting, and Recovery

Chapter 9 - Active Directory Backup and Restore

Chapter 10 - Disaster Recovery for Branch Office Environments

Windows Resources

Community Newsgroups

 
Vigilant CIOUser is Offline
Basic Member
Basic Member
Posts:353

--
05 Aug 2007 10:53 AM  

_msdcs stub zone in domain controllers is critical in replication and authentication.

active directory authentication issue was caused by missing netbios self registration of DC. The server resolves itself thru a guid dns entry created when the network card self registers itself with a new IP. So, when an IP is changed or a new nic card is used for a dns or DC ( domain controller ), in the network settings tab for the nic (tcp/ip), the " register this connection in dns" must be checked. recycle the netlogon service will then auto generate the GUID based dns entry  (ex; 43b0064d-a10a-38b5-a146-58cee8ce147e._msdcs.mydomain.com ) in the _msdcs forward lookupzone in dns, allowing the DC to be registered.
Vigilant CIOUser is Offline
Basic Member
Basic Member
Posts:353

--
28 Jul 2008 08:15 PM  

on the client side;

when trying to join or unjoin a computer to the domain, the biggest problem is dns. If the client computer is unable to resolve the domain, it will not be able to join it.

Cause; Domain controller not in the primary DNS, WIN, Netbios list.

Solution;

A quick fix is to change the computer to manual DNS, and make the primary dns server the domain controller. When dynamic is required, ensure that the primary & secondary dns server provided by the DHCP server can resolve the domain;

example: if your DHCP server is 10.1.0.1, and the dns servers are 10.1.0.11 & 12, you would use nslookup at the command line; " nslookup technet.local 10.1.0.11 " which would query the 1st DNS server for the domain "technet.local". To complete the test, you should be able to ping technet.local. If you cannot, you must solve this problem before joining the computer to the domain.

note; in many small office networks, with SBS server, it is often best to disable DHCP on the SOHO gateway (2 wire, actiontec, linksys, etc...), enable a DHCP scope on the SBS (small business server) , exclude ranges used by static device (like the 2 dns servers (10.1.0.11 & 12), and ensure that the 1st DNS server in the list is the SBS server.
Chris MuenchUser is Offline
New Member
New Member
Posts:57

--
28 Jul 2008 09:47 PM  
I would also add for DNS troubleshooting. If you can use the hosts file. Cause your server should have a static ip anyway :)
You are not authorized to post a reply.
Forums > Knowledge Base Systems > Windows
Active Forums 4.2
Copyright 2006 - 2010 Vigilant Support   |  Privacy Statement  |  Terms Of Use