Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 10: Troubleshooting AD DS, DNS, and Replication Issues.

Published byJordan Horton Modified over 9 years ago

Similar presentations

Presentation on theme: "Module 10: Troubleshooting AD DS, DNS, and Replication Issues."— Presentation transcript:

1 Module 10: Troubleshooting AD DS, DNS, and Replication Issues

2 Module Overview Troubleshooting Active Directory Domain Services Troubleshooting DNS Integration with AD DS Troubleshooting AD DS Replication

3 Lesson 1: Troubleshooting Active Directory Domain Services Introduction to AD DS Troubleshooting Discussion: How to Troubleshoot AD DS Issues Troubleshooting User Access Errors Demonstration: Tools for Troubleshooting User Access Errors Troubleshooting Domain Controller Performance Issues

4 Introduction to AD DS Troubleshooting AD DS troubleshooting begins when: Users report authentication or authorization errors AD DS related events appear in the Event Viewer Domain controller performance is degraded An alert is generated by a monitoring system Data is not being replicated between domain controllers

5 Discussion: How to Troubleshoot AD DS Issues What tools would you use? How would you verify that your solution worked?

6 Troubleshooting User Access Errors User access errors may be the result of: Network access errors Authentication errors Authorization errors To address user access errors, verify: Network connectivity Time synchronization Domain controller availability User account and user lockout settings Group memberships

7 Demonstration: Tools for Troubleshooting User Access Errors In this demonstration, you will see how to troubleshoot user access errors using Windows tools

8

9 Troubleshooting Domain Controller Performance Issues Most common performance issues include: High CPU utilization High network utilization To resolve performance issues: Identify the processes with high CPU utilization Move applications or services to another server Monitor application-specific network traffic Distribute AD DS and DNS roles across multiple servers Review and modify the replication topology Deploy domain controllers with 64-bit hardware

10 Lesson 2: Troubleshooting DNS Integration with AD DS Overview of DNS and AD DS Troubleshooting Troubleshooting DNS Name Resolution Troubleshooting DNS Name Registration Troubleshooting DNS Zone Replication

11 Overview of DNS and AD DS Troubleshooting Troubleshoot DNS and AD DS integration when: Users cannot log on to AD DS AD DS replication is failing AD DS installation fails To troubleshoot DNS and AD DS integration, verify: DNS client and server configurations DNS name registration DNS zone replication

12 Troubleshooting DNS Name Resolution DNS name resolution may fail due to: Network connectivity issues Client configuration errors DNS server availability Name registration or DNS replication issues To troubleshoot DNS name resolution: Test network connectivity by pinging the DNS server by IP address Use IPconfig to examine the client configuration Use NSlookup to verify server availability Flush the DNS cache Use NSlookup to verify SRV records

13 Troubleshooting DNS Name Registration DNS name registration may fail due to: Client configuration errors DNS server availability DNS zone configuration To troubleshoot DNS name registration: Verify that the client is configured to register in DNS Test DNS server availability Verify that the DNS zone is configured for dynamic updates Test DNS by using the DCDiag /Test:DNS command Register the SRV records by restarting the Netlogon service

14 Troubleshooting DNS Zone Replication Investigate DNS zone replication issues when: DNS-related issues are specific to certain DNS server clients Zone information is not consistent on different DNS servers DNS server availability is not consistent There are DNS replication or name registration issues Troubleshoot AD DS replication for AD DS integrated zones To troubleshoot standard zone transfer issues: Verify network connectivity Verify primary server and secondary server configuration Verify Start of Authority record Verify zone transfer configuration

15 Lesson 3: Troubleshooting AD DS Replication AD DS Replication Requirements Common Replication Issues What Is the Repadmin Tool? What Is the DCDiag Tool? Identifying the Cause of Replication Errors Discussion: Troubleshooting Inter-Site AD DS Replication Issues Troubleshooting Distributed File Replication Issues

16 AD DS Replication Requirements AD DS replication requires: Routable IP infrastructure DNS name resolution RPC or Simple Mail Transfer Protocol (SMTP) connectivity between domain controllers Kerberos v5 authentication Lightweight Directory Access Protocol (LDAP) connectivity to install new domain controllers File Replication Service or Distributed File System Replication

17 Common Replication Issues Replication greatly increases network traffic Possible causes Replication does not finish or occur Replication is slow Client computers receive a slow response Symptom Sites not connected by site links No bridgehead server in the site group No domain controller online in client site Not enough domain controllers Inefficient site topology and schedule Insufficient bandwidth Incorrect site topology

18 What Is the Repadmin Tool? Use the Repadmin command-line tool to: View and manually create the replication topology Force replication events between domain controllers View the replication metadata Syntax: repadmin command arguments [/u:[domain\]user pw:{password|*}]

19 What Is the DCDiag Tool? Use the Dcdiag command-line tool to: Analyze the state of a domain controller, and report any problems Perform a series of tests to verify different system areas Syntax: dcdiag command arguments [/v /f:LogFile /ferr:ErrLog ]

20 Identifying the Cause of Replication Errors System monitor NTDS counters Testing method Sites are not connected by site links No bridgehead server in the site Inefficient site topology and schedule Possible causes Dcdiag /test:Topology Repadmin /bridgeheads Repadmin /latency No domain controller online in the site Dcdiag /test:Replication Dcdiag /test:Connectivity Not enough domain controllers Incorrect site topology AD DS Sites and Services Repadmin /latency V Dcdiag /test:Intersite

21 Discussion: Troubleshooting Inter-Site AD DS Replication Issues What steps would you take to troubleshoot an AD DS replication issue? How would you verify that your solution worked?

22 Troubleshooting Distributed File Replication Issues Windows Server 2008 uses FRS or DFSR to replicate the SYSVOL directory between domain controllers Both FRS and DFSR require LDAP and RPC connectivity between domain controllers Use Ntfrsutl and FRSDiag to troubleshoot FRS replication Use DFSRAdmin to troubleshoot DFRS replication

23 Lab: Troubleshooting AD DS, DNS, and Replication Issues Exercise 1: Troubleshooting Authentication and Authorization Errors Exercise 2: Troubleshooting the Integration of DNS and AD DS Exercise 3: Troubleshooting AD DS Replication Logon information Virtual machine NYC-DC1, NYC-CL1 User nameAdministrator Password Pa$$w0rd Estimated time: 60 minutes

24 Lab Review If the Los Angeles office was configured as a separate site, what additional steps would you need to take to troubleshoot Trouble Ticket #5? What AD DS troubleshooting issues do you think you will need to deal with most often in your organization?

25 Module Review and Takeaways Considerations Tools Review questions

Download ppt "Module 10: Troubleshooting AD DS, DNS, and Replication Issues."

Similar presentations

Course 2786B Module 8: Implementing an Active Directory® Domain Services Monitoring Plan Presentation: 60 minutes Lab: 60 minutes This module helps students.

Course 2786B Module 8: Implementing an Active Directory® Domain Services Monitoring Plan Presentation: 60 minutes Lab: 60 minutes This module helps students.
Implementing and Administering AD DS Sites and Replication

Implementing and Administering AD DS Sites and Replication
Configuring and Troubleshooting Network Connections

Configuring and Troubleshooting Network Connections
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.
Module 10: Troubleshooting Active Directory, DNS, and Replication Issues.

Module 10: Troubleshooting Active Directory, DNS, and Replication Issues.
Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.

Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.
Implementing Domain Name System

Implementing Domain Name System
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Ownership and auditing. Overview Configure DNS to prepare for Domain Controller installation Checking configuration Running DCPROMO.EXE.

Ownership and auditing. Overview Configure DNS to prepare for Domain Controller installation Checking configuration Running DCPROMO.EXE.
13.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

13.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Course 6425A Module 2: Configuring Domain Name Service for Active Directory® Domain Services Presentation: 50 minutes Lab: 45 minutes This module helps.

Course 6425A Module 2: Configuring Domain Name Service for Active Directory® Domain Services Presentation: 50 minutes Lab: 45 minutes This module helps.
Implementing High Availability

Implementing High Availability
Understanding Active Directory

Understanding Active Directory
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
1 Chapter Overview Creating Sites and Subnets Configuring Intersite Replication Troubleshooting Active Directory Replication.

1 Chapter Overview Creating Sites and Subnets Configuring Intersite Replication Troubleshooting Active Directory Replication.
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.

Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.
Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8.

Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8.
Module 1: Installing Active Directory Domain Services

Module 1: Installing Active Directory Domain Services
Course 6425A Module 9: Implementing an Active Directory Domain Services Maintenance Plan Presentation: 55 minutes Lab: 75 minutes This module helps students.

Course 6425A Module 9: Implementing an Active Directory Domain Services Maintenance Plan Presentation: 55 minutes Lab: 75 minutes This module helps students.

Similar presentations

Ads by Google