Users login into domain failed

[Jason8888]

Hi,

I turned off the Root server. Strangely, the users in the
subdomain then can not login to the member domain server.
These users are Domain Users in the member domain server.
Strangely again, the password of the member domain server
and root server has to be the same.
Is there any method to set the subdomain more free?

Jason

 

[Ulf B. Simon-Weidner]

Hi,

I turned off the Root server. Strangely, the users in the
subdomain then can not login to the member domain server.
These users are Domain Users in the member domain server.
Strangely again, the password of the member domain server
and root server has to be the same.
Is there any method to set the subdomain more free?

Jason

I guess your domain is native mode. Then this is usual behavior if a Global
Catalog Server is not available, or the Client is not able to resolve a Global
Catalog Server.

The _msdcs.%forestrootdomain% in DNS is responsible for resolving GCs. You need
to make that available in the DNS-Servers which are queried from the subdomain
clients. By default that's the reason why _msdcs is AD-Integrated in the
ForestDNSZones application partition in Windows Server 2003. What are your
subdomain controllers? WS2k3 as well, then just check the replication scope of
_msdcs.%forestrootdomain%. And make sure that you have GCs in the Subdomain
(you can set this in the Active Directory-Sites and Services).

If your subdomain is Windows 2000, you need to make sure that the _msdcs in the
Forest-Root is delegated to the same server as separate zone, and then you are
able to configure the DNS-Servers in the subdomain to hold that zone as
secondary zone.

Gruesse - Sincerely,

Ulf B. Simon-Weidner