Monday, 10 December 2007

Simple Active Directory

Active directory is a bit of an animal.

Many problems can reside inside active directory if its not well maintained most of us will see error in the event log and that will be our first clue that something as gone wrong.

If you are lucky enough to have some reporting tools deployed on your server then you might notice them before that.

Most common error is site to site replication these errors no so hard to deal with. First check the server you are trying to replicate with is up and running you can ping it you can net view to it and if you have the support tool and resource kit install you can RPC ping as well

So first you ping in this case my domain controller is Aero-dc.domain.com we an IP of 10.0.10.2

Ping aero-dc.domain.com

If you get a reply this means that the network is running doesn’t mean the server is working so next we do a net view to see if the shares such as sysvol are there

Net view file://areo-dc.domain.com/

If you can see there then all is good and you are most likely looking at DNS errors where the DNS entry is wrong or lookup to the DNS is not possible because the link is down

Some useful command you can use from the command prompt are,
This one is useful to check server is correctly registered with the DNS
netdiag /test:DNS /v

This one is useful to see the replication history
repadmin /showreps

If you are still having active directory issue, I would suggest you contact some one that knows it well google news groups are always a good place if you are not in a hurry to fix little issues.

No comments: