Announcement

Collapse
No announcement yet.

AD Domain & Trust

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Domain & Trust

    Hi All,

    We are having 2 DC at the moment which is adsvr01 & adsvr02. Our domain is xyz.com. I can view the xyz.com in adsvr02 domain and trust window but nothing is showing up in adsvr01. adsvr01 is the primary DC. is this normal or can someone guide me for this. Thanks.

  • #2
    Re: AD Domain & Trust

    So you are saying that adsvr01 is not seeing all of active directory -- have you checked replication using repadmin and dcdiag?

    If you have any doubts, flatten (format and reinstall) the problem DC and rebuild it -- remember to "carpe FSMO" too
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: AD Domain & Trust

      i can see the active directory in adsvr01 but unable to see xyz.com in "domain & trust" window.it only appear in adsvr02 which adsvr02 is secondary domain controller.

      Comment


      • #4
        Re: AD Domain & Trust

        Check replication is working.

        Comment


        • #5
          Re: AD Domain & Trust

          AD Domains and Trusts should work in both, so something is wrong
          Check replication and report back
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: AD Domain & Trust

            here are the result from dcdiag on both servers. Thanks.
            Attached Files

            Comment


            • #7
              Re: AD Domain & Trust

              http://support.microsoft.com/kb/967482

              Comment


              • #8
                Re: AD Domain & Trust

                sorry but
                If you do not plan to add an RODC to the forest, you can disregard this error. If you plan to add an RODC to the forest, you must run adprep /rodcprep.
                adsvr02 is not rodc.

                Comment


                • #9
                  Re: AD Domain & Trust

                  Yep i seen that.

                  Do you have both firewalls running on the DC's?? Turn them off if you do.

                  Can you post an ipconfig from both machines as well.

                  I would also post a repadmin.exe /showrepl result

                  Comment


                  • #10
                    Re: AD Domain & Trust

                    already disabled the firewall in the services. here is the log you requested..
                    Attached Files

                    Comment


                    • #11
                      Re: AD Domain & Trust

                      The only thing i can see that is missing is the WINS server on SRV1 is missing.

                      Comment


                      • #12
                        Re: AD Domain & Trust

                        added wins to adsvr01 and it doesn't work.

                        Comment


                        • #13
                          Re: AD Domain & Trust

                          Sigh give it a chance.

                          Comment


                          • #14
                            Re: AD Domain & Trust

                            Click Start, type "adsiedit.msc", expand default naming context find, right-click "DC=yourdomain,DC=com", choose Properties, switch to Security tab, click Advanced. On permissions tab, check that ENTERPRISE DOMAIN CONTROLLERS exists, and has at least "replicating directory changes" ticked.

                            Do the same for Enterprise Read-Only Domain Controllers. Its just to make sure that the replication permissions are ok.

                            -Replicating Directory Changes
                            -Replication Synchronization
                            -Manage Replication Topology

                            If already set, perhaps good to a full dcdiag for more potential hints.

                            dcdiag /c /e /v >dcdiag.txt (attach output to post)
                            Last edited by Dutch; 28th September 2012, 03:32. Reason: Corrected Typo, and added permissions to check

                            Comment


                            • #15
                              Re: AD Domain & Trust

                              maybe some of you confuse but here is the attachments that i'm talking about..sorry.adsvr01 is the primary and adsvr02 is secondary but it really come to my concern that it just show in the adsvr02.Thanks
                              Attached Files

                              Comment

                              Working...
                              X