Multi-site AD problem

[Stu]

Hi,

My company has a single AD domain and 2 main sites (site1 and site2),
connected by a VPN. Each site has 2 DCs, and everything apparently
works fine. Recently, we added a third site (site3). I took one of the
DCs from site2 and installed it in site3. Again, everything seems to be
fine, BUT there are some strange things happening: From site1, I can
see (with windows explorer, to be specific) the network at site1 and
site3, but I can't see anything on site2. From site2, I can't see
anything except site2. From site3, I can see site1 and site3.

Despite this, I can ping and connect to shares at the "invisible"
sites, so connectivity is obviously there. I assume this must be a
problem with the remaining DC at site2, but I can't see how it's
different from the others.

Any help would be much appreciated.

Stu

 

[Cary Shultz [A.D. MVP]]

Stu,

To go over the very basics: you set up the three Sites in Active Directory
Sites and Services and you created a Subnet ( for each subnet that you might
have ) and then associated it with the correct Site. All of your machines
have an IP Address that corresponds to the correct Subnet ( and, naturally,
the correct Site ).

Have you installed the Support Tools ( located on the WIN2000 Service Pack
CD-Media or the Microsoft website ) and run dcdiag /c /v and netdiag /v.
You would probably want to send the output to a file ( instead of the
monitor so that you could more easily search for 'error', 'warn' or
'fail' ). I would also make sure that everything is correct with DNS. This
is paramount.

Now, is it possible that there is some 'WAN' problem? I ask because I have
worked in environments with multiple physical locations all connected to the
'Main Site' via a Firewall-to-Firewall VPN. There is a really weird problem
with one of the Sites ( although all of them are set up the same way...I was
not part of that, though ). Even multiple ISP's did not resolve the issue.



--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

 

[Cary Shultz [A.D. MVP]]

Should have clearly communicated what I meant. Is NetBIOS disabled?

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

 

[Stu]

Hi Cary,

Thanks for your reply. I've run dcdiag and netdiag and there are no
errors. All 4 DCs are replicating fine. Netbios over TCPIP is enabled.

I think it must be a DNS issue, but I've never had a problem with DNS
before, so I don't know the best way to debug it. Any suggestions?

Stu

 

[Denis Wong @ Hong Kong]

Hi Stu,

No idea about your previous postings. But if you think it is DNS issue, then
pls post any relevant event log about DNS.

br,
Denis