Hi,
I am almost sure that I have a problem with the DNS server, but unfortunately I am not able to clarify where exactly. I have a root domain and three child domains. The problem exists only in one site in one child domain where there is no local domain controller (the server is configured to use the DNS server and domain controller from the data center).
The problem is that I am not able to add users from any of the child domains to give them NTFS permissions, or to add them to a local server group. But I can add users from the root domain.
What happens then is this event:
The Security System detected an authentication error for the server ldap/SERVER-DC02.CHILD.DOMAIN.NET/CHILD.DOMAIN.NET@CHILD.DOMAIN.NET. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request. (0xc000005e)".
What is strange in the first place is that the domain controller shown in the log is not a domain controller from the data center.
I have checked:
AD Sites and Services (subnet is assigned correctly to the site)
nslookup of domain names is working correctly
port query is OK
nltest /dsgetdc:child.domain.net /force shows me a DC, but various ones, not the one from the data center
I am logged on to the server using an account from the root domain. The computer is placed in the child domain, and GPO policies are refreshing OK.
When I open the DNS Manager console and expand the child domain name zone, then _sites, I cannot find there the sites which do not have domain controllers. Is that OK?
Everything apart from this site is working OK, replication etc.
Regards