Hi all,
We have 5 sites, at least 2 AD servers in each site. Sometimes one site (which is a mobile site as we go to different venues) is off for a week but sometimes for up to 3 months during winter. In our main factory site, we have 3 DCs which are all 2003 server. All ports are open between the domain controllers on all firewalls. We use Symantec Endpoint Protection.
I got a call from the helpdesk saying that we have had a few computers lose their trust with the domain. I looked into this further and could predict the next one by looking in the system log on the domain controllers for NETLOGON 5723, the computer does not exist in the domain.
When an item is deleted in Active Directory it goes to a folder called CN=Deleted Objects,DC=domain,DC=local or wherever your domain is. None of these computers are in there and they disappeared within the tombstone time.
Any ideas of where I should start? I was thinking it is a replication issue. At the time of checking it seems ok. repadmin /showrepl shows the last attempt was successful, apart from the 2 DCs which we know are off and in a trailer somewhere.