Get a network trace of the logon. You will probably see the failures right there in it.
-- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steele, Aaron [BSD] - ADM Sent: Wednesday, April 26, 2006 1:30 PM To: [email protected] Subject: [ActiveDir] oddness with sites. Okay I have a perplexing problem that I haven't found any help for on the web. Maybe someone her can help. I have a fairly simple AD forest single forest, single domain. 2 sites, defined properly as far as I can tell. In the remote site, there is a DC/GC, both physically and in Sites and Services. The x.x.81.X subnet is tied to the correct site. Output form nltest is below. nltest /dsgetdc:<domain-name> /site:UCPG DC: \\<DC-At-Remote Site> Address: \\X.X.81.217 Dom Guid: XXXXXXXX-1c6b-4645-ac78-b0f2444eac2c Dom Name: Domain Forest Name: domain.fqdn.edu Dc Site Name: UCPG Our Site Name: UCPG Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_FOREST CLOSE_SITE The command completed successfully In the registry of a workstation/server on the remote site, the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters \DynamicSiteName is equal to "UCPG" Yet, whenever I log onto a workstation/server there "set l" returns a DC/GC that is at our HUB site, and not the DC/GC identified and located in the remote site. Nltest /sc_query:<domain> returns the same DC/GC located in the hub site, and again, not the DC/GC in the remote site. Pings between remote workstation and remote DC/GC are less than 1ms, between remote workstation and hub DC/GC are more like 30 to 40 ms on average. Both remote site and hub site DC/GC are ping able and nbtstat -a findable by short name and reverse ip lookups. Any help anyone has, I would greatly appreciate it. Thanks so much. /aaron Aaron Steele University of Chicago Enterprise Systems Administrator P: 773.834.9099 E: [EMAIL PROTECTED] This email is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged and confidential. If the reader of this email message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is prohibited. If you have received this email in error, please notify the sender and destroy/delete all copies of the transmittal. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
