Announcement

Collapse
No announcement yet.

Child DC's not showing in Sites and Services

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Child DC's not showing in Sites and Services

    I have 1 forest with 2 DC's in the root, 10 child Domains with 2 x DC's in each running deligated DNS....

    I have recently migrated the DC's in one country, by premoting 2 more 2k boxes, leaving for a night and demoting the old hardware. This looked at the time to all go through fine.

    I have since got back to the uk and have been checking the AD (Sites and Services) and the 2 new servers are not in there. It looks like the root does not know that I have 2 new DC's in Poland.

    When I go to add a new active directory connection from the root to the 2 new child DC's the new names do not come up and the old one is still there. i.,e. old server used to be called plwas001p, new servers are called plwas011p & plwas012p. I do not get the option to pick the new names.

    If I manually add the servers with in the Poand site... Sites and Services... Choose Poland.... then servers, add new server.... and I add plwas011p & plwas012p.... all fine. when I right click and properties of these server you have a server tab. down the botton of this you can then point to the server you want this to represent..l. I browse the poland domain and find the dc's. I select the DC.. The computer and domain details are populated with in the servers tab, I press apply and it says "The following Active Error occured. The name reference is invalid"

    Im stuck and think the Poland GC's may not be updating, I have populated the root dns with the GC info. Is there a way to force this replication or view whats been coppied/replicated if anything.

    Any ideas??

  • #2
    Re: Child DC's not showing in Sites and Services

    This strongly suggests that replication is not complete. One possible cause is that DNS is not working as it should. You might want to doublecheck the delegation from the root, and the forwarder from the child.

    > I have populated the root dns with the GC info.

    Manually? That's bad. If you had to do that it just confirms that DNS is broken. You should never have static records for AD.

    Also, active network components (firewall, IDS) can cause all sorts of vague trouble like this. Any chance of that?

    Comment


    • #3
      Re: Child DC's not showing in Sites and Services

      You might want to doublecheck the delegation from the root, and the forwarder from the child. - In the root dns, I have the correct NS records there looking at the child DC's

      The fowarers from the child are correct. DNS seems to be working fine. I can resolve every domain etc

      There is like 1 way replication. Anything I change on the root, populates the child in question. I.e. I put a tmp server name into sites and services and it will appear in the child site and services in 60 mins..... But If I change something on the child, this does not populate to the root site and serv's.

      Child Iin the last few days now has a lot more autogenerated links in there now which I guess is good.

      I went to use NTDSUTIL the other day to remove a server from sites and services for the child in question, I was about to remove this and it said it was the last server in the domain are you sure you want to do this? I didnt do it... but there are 2 more dc's there now which the root dosnt seem to know about? Do I manually inject these in using http://support.microsoft.com/?kbid=232538 ??

      Comment


      • #4
        Re: Child DC's not showing in Sites and Services

        > http://support.microsoft.com/?kbid=232538 ??

        Definitely not. This is highly obscure and certainly not relevant.

        > I went to use NTDSUTIL the other day to remove a server from sites and services for the child in question

        That makes sense (sort of) if you ran ntdsutil from the root. To remove it from the child, run it from the child. Why, btw, did a demote fail?

        > I put a tmp server name into sites and services and it will appear in the child site and services in 60 mins..

        That means that the child can find the root. Is the reverse also true?

        General remark: manually messing with NTDS objects, connection objects etc. is not a good idea. In a normal environment you create Sites, Sitelinks and Subnets. You put DC's in proper sites wherever needed, and let AD do the work from that point on. If that _fails_ to work, solve the problem (DNS!) before tuning manually. Just my 2cts.

        Comment

        Working...
        X