Saturday, December 26, 2015

Active Directory Replication step by step

1) Set up the IP configuration:

  • Pune (Primary) - 192.168.193.30, Gateway 192.168.193.1, DNS 127.0.0.1 (self).
    Active Directory (ibm.com) is already set up on this machine.
  • Mumbai (Secondary) - 192.168.193.144, Gateway 192.168.193.1, DNS 192.168.193.30 (Pune DC IP address)

2) Set up the registry on the Primary DC (Pune):

 Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NTDS\Diagnostics, set Knowledge Consistency Checker = 3 (Hexadecimal), then restart.

3) Create New Site (MUMBAI) on Primary DC (Pune):

4) Create New Subnet (mumbai - 192.168.193.0/24) on Primary DC (Pune):

5) NTDSUTIL on Primary DC (Pune):
  ntdsutil -> act inst ntds (Enter). You will get this message: activate instance set to "ntds"
  ifm (Enter), then: create sysvol full c:\database (Enter). This process exports the files to the c:\database folder. Share that database folder to everyone and copy all files to the MUMBAI PC, into the C:\data folder.

6) Data copy on Mumbai DC: copy all files from the database folder shared in the previous step to the C:\data folder.

7) DCPROMO on Mumbai DC: run dcpromo --> select advanced mode installation --> NEXT

     Select Existing Forest --> add a new domain controller to an existing forest --> NEXT

     Type ibm.com, then just below it click SET and enter the administrator name & password --> NEXT

     Select ibm.com (forest root domain) --> NEXT

     Select a Site --> MUMBAI --> NEXT

     Additional domain controller options (keep as they are: DNS & GC selected, no RODC) --> NEXT

     Some message windows appear -- CLICK YES

     Select the 2nd option --> Replicate data from media at the following location
     and browse to the location C:\data (where we already copied the data files)

     Let the wizard choose an appropriate domain controller --> NEXT

     Storage location c:\ ...... --> NEXT

     Enter password ... NEXT ... NEXT ... after installation the machine reboots automatically

   
8) On Primary DC (Pune): create users, then set up the IP site cost and replication interval to 15 in the Active Directory Sites and Services tool, and force manual replication if required.

Thursday, December 24, 2015

Troubleshooting the Domain Locator Process

  1. Check Event Viewer on both the client and the server. The event logs may contain error messages indicating that there is a problem. 
    • To view Event Viewer, click Start, point to Programs, point to Administrative Tools, and then click Event Viewer.
    • Check the System log on both the client and the server.
    • Also, check the Directory Service logs on the server and DNS logs on the DNS server.
  2. Check the IP configuration by using the ipconfig /all command at a command prompt.
  3. Use the Ping utility to verify network connectivity and name resolution. Ping both the IP address and the server name. You may also want to ping the domain name.
  4. Use the Netdiag tool to determine whether networking components are working correctly. To send detailed output to a text file, use the following command:
    netdiag /v >test.txt
    Review the log file, looking for problems, and investigate any implicated components. This file also contains other network configuration details.
  5. To fix minor problems, use the Netdiag tool with the following syntax: netdiag /fix.
  6. Use the nltest /dsgetdc:domainname command to verify that a domain controller can be located for a specific domain.
  7. Use the NSLookup tool to verify that DNS entries are correctly registered in DNS. Verify that the server host records and GUID SRV records can be resolved. 

    For example, to verify record registration, use the following commands:
    nslookup servername.childofrootdomain.rootdomain.com

    nslookup guid._msdcs.rootdomain.com
  8. If either of these commands does not succeed, use one of the following methods to reregister records with DNS:
    • To force host record registration, type ipconfig /registerdns.
    • To force domain controller service registration, stop and start the Netlogon service.
  9. To detect domain controller problems, run the DCdiag utility from a command prompt. The utility runs a number of tests to verify that a domain controller is running correctly. Use this command to send the results to a text file:
    dcdiag /v >dcdiag.txt
  10. Use the Ldp.exe tool to connect and bind to the domain controller to verify appropriate LDAP connectivity.
  11. If you suspect that a particular domain controller has problems, it may be helpful to turn on Netlogon debug logging. Use the NLTest utility by typing this command: nltest /dbflag:0x2000ffff. The information is then logged in the Debug folder in the Netlogon.log file.
  12. If you still have not isolated the problem, use Network Monitor to monitor network traffic between the client and the domain controller.
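
The Netlogon.log produced in step 11 can be checked against the site and subnet layout from the replication post. The following is an added example, not part of the original post: it reports clients that no defined subnet covers and logon attempts that returned a failure status. The log line shapes, host names, accounts and the NetBIOS domain name IBM are assumptions made for the sample.

```python
import ipaddress
import re
from collections import Counter

# Subnet -> site, as defined in Active Directory Sites and Services.
# 192.168.193.0/24 -> MUMBAI is the subnet created in the replication post.
SITE_SUBNETS = {"192.168.193.0/24": "MUMBAI"}

# Assumed line shapes (they differ slightly between Windows versions):
#   MM/DD HH:MM:SS DOMAIN: NO_CLIENT_SITE: HOST IP
#   MM/DD HH:MM:SS [LOGON] ... logon of DOMAIN\user from HOST ... Returns 0x...
NO_SITE = re.compile(r"NO_CLIENT_SITE:\s+(\S+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$")
RETURNS = re.compile(r"\[LOGON\].*logon of (\S+) from (\S+).*Returns (0x[0-9A-Fa-f]+)")

def site_for(ip, subnets=SITE_SUBNETS):
    """Return the site of the most specific subnet containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    hits = [(net.prefixlen, site)
            for net, site in ((ipaddress.ip_network(n), s) for n, s in subnets.items())
            if addr in net]
    return max(hits)[1] if hits else None

def analyze(lines, subnets=SITE_SUBNETS):
    """Return (clients with no matching subnet, failed logons by account/source/status)."""
    unmapped = {}         # host -> IP
    failures = Counter()  # (account, source host, NTSTATUS) -> count
    for line in lines:
        m = NO_SITE.search(line)
        if m:
            host, ip = m.groups()
            if site_for(ip, subnets) is None:
                unmapped[host] = ip
            continue
        m = RETURNS.search(line)
        if m and int(m.group(3), 16) != 0:  # 0x0 is success
            failures[(m.group(1), m.group(2), "0x%08X" % int(m.group(3), 16))] += 1
    return unmapped, failures

# Constructed sample lines; hosts, accounts and the NetBIOS name IBM are made up.
SAMPLE = r"""
12/24 10:01:15 IBM: NO_CLIENT_SITE: MUM-PC07 192.168.194.25
12/24 10:01:40 IBM: NO_CLIENT_SITE: MUM-PC02 192.168.193.77
12/24 10:02:11 [LOGON] IBM: SamLogon: Network logon of IBM\asha from MUM-PC07 Entered
12/24 10:02:11 [LOGON] IBM: SamLogon: Network logon of IBM\asha from MUM-PC07 Returns 0xC000006A
12/24 10:02:15 [LOGON] IBM: SamLogon: Network logon of IBM\asha from MUM-PC07 Returns 0xC000006A
12/24 10:03:00 [LOGON] IBM: SamLogon: Network logon of IBM\ravi from MUM-PC02 Returns 0x0
"""

if __name__ == "__main__":
    unmapped, failures = analyze(SAMPLE.splitlines())
    print("clients with no subnet:", unmapped)
    print("failed logons:", dict(failures))  # 0xC000006A = wrong password
```

A client listed as unmapped needs a subnet object assigned to a site before the locator can hand it a DC in its own site.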