Domain Could not be contacted

Unbranded
May 14, 2007 at 04:20:42
Specs: Windows 2003, 3.0GHz/512MB

Hi there,

User logging onto my domain get the following familiar error if 'PDC' is down but 'Domain Replica' is up
'The System cannot log you on due to the following error: The specified domain either does not exist or could not be contacted'

Shouldn't the user be logged on using the active directory information available in Domain Replica? Please correct me if I'm wrong.

Thanks

Ibne-Saeed


See More: Domain Could not be contacted

Report •


#1
May 14, 2007 at 06:53:31

If the second server is not a Global Catalog, then no.

TECH-NO-LOGICAL ROMANCE!

http://www.homestarrunner.com/tgs12.html


Report •

#2
May 15, 2007 at 03:43:41

Thanks for replying to my post; I appreciate it.

The Global Catalog has been enabled on the second domain controller i.e. 'Domain Replica' since long. The problem persists despite that. Any other ideas?

Ibne-Saeed


Report •

#3
May 15, 2007 at 06:26:49

Was the original domain controller a DNS server?

If so, is the new one a DC as well, and are the clients pointed to use it for DNS, too?

"Enough, enough bowing down to disillusion!
Hats off & applause to rogues & evolution!
The ripple effect is too good not to mention.
If you’re not affected, you’re not paying attention!"


Report •

Related Solutions

#4
May 15, 2007 at 06:53:30

I did not explain the network in detail. My bad!

My network has three servers; One PDC, One BDC (Domain Replica) and One NAT+DNS Server (for internet connectivity.) All three host DNS for the zone with replication of DNS records enabled between them.

Client PCs have their DNS settings pointed to third (i.e. NAT+DNS) machine; allowing them access to local as well as internet resources.

Ibne-Saeed


Report •

#5
May 15, 2007 at 11:51:10

There is no BDC in AD.

NAT servers acting as DNS is not a good idea.

"Enough, enough bowing down to disillusion!
Hats off & applause to rogues & evolution!
The ripple effect is too good not to mention.
If you’re not affected, you’re not paying attention!"


Report •

#6
May 16, 2007 at 06:04:45

I did not mean to say BDC literally; its a second domain controller as one would have in a Windows 2003 AD. My NAT server is actually a SecureNAT server meaning it has ISA Server 2004 running on it; is it still a bad idea and is it the cause of my problem?

Ibne-Saeed


Report •

#7
May 16, 2007 at 06:31:38

The bottom line is if clients can't contact DNS, they can't log into the domain.

Also, I would run dcdiag on the second DC and see if it's missing any records, or if any other failures are found.

"Enough, enough bowing down to disillusion!
Hats off & applause to rogues & evolution!
The ripple effect is too good not to mention.
If you’re not affected, you’re not paying attention!"


Report •

#8
May 16, 2007 at 23:04:28

The problem seems to have gone away without me doing anything concrete. Thanks for your help in any case.

Ibne-Saeed


Report •

#9
May 17, 2007 at 07:36:02

I strongly urge you to figure out what happened. Your environment could be misconfigured in such a way that this could happen again.

TECH-NO-LOGICAL ROMANCE!

http://www.homestarrunner.com/tgs12.html


Report •

#10
May 17, 2007 at 20:58:33

Can DFS service be a cause of this problem? I was working my way through another problem when I learned that DFS was somehow not running. Also I was getting the ‘domain not available’ message even at the domain controller (the second domain controller); does that gives any indication of why did it happen? Thanks

Ibne-Saeed


Report •

#11
May 18, 2007 at 06:33:17

DCDiag would be a great way to figure out what the problem is.

"Enough, enough bowing down to disillusion!
Hats off & applause to rogues & evolution!
The ripple effect is too good not to mention.
If you’re not affected, you’re not paying attention!"


Report •

#12
May 21, 2007 at 06:47:39

DCDiag does not produce any errors.

Ibne-Saeed


Report •


Ask Question