Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DC logon failure from separate subnet

Status
Not open for further replies.
manuchau

manuchau

Technical User
Jun 21, 2002
14
0
0
US
I have two subnets. Each subnet has two different domain controllers on two different domains. My problem is that when I created a third DC on subnet A and moved it to subnet B I cannot logon. The firewall between both subnets is wide open, per the firewall admin. DNS reverse lookup zones are configured on both DNS servers in subnet A & B. I can terminal on to the third DC, which was moved to subnet B, I just cannot logon.

Any suggestions? All help is appreciated...
 
Sort by date Sort by votes
Moving a Domain Controller to a different subnet would have definitely required a change in IP address. The story does not end there. Please refer to the following URL for what you have to do if you have/want to change the IP address of a Domain Controller:


Hope this will be useful.

-Keshav
 
Upvote 0 Downvote
Keshav,

The server is set to DHCP. I can TS into the server from subnet A.

Subnet A: One domain controller. Domain is abc.com

Subnet B: One domain controller. Domain is xyz.com

The third domain controller was created in subnet A. Joined to domain abc.com. When this third dc is moved to subnet B, I cannot authenticate on that server. I can ping, terminal in, just can log in.
 
Upvote 0 Downvote
Couple of things...
DHCP, I hope you are using reservations for your DCs. Otherwise I would not use DHCP to assign IP to your DCs.

Since you adding a Second DC for abc.com, in the other subnet, I would suspect that you need to add the subnet in Active Directory Sites and Services in abc.com.

Hope that's your answer...
 
Upvote 0 Downvote
I can confirm that the subnet is in Sites and Services.

Error message is:

Logon Message

The system could not log you on. Make sure your User name and domain are correct, then type your password again. Letters in passwords must be typed using the correct case.

The local tech support consultant was able to logon once, locally. He'll be in the office on Monday and we'll see if he can authenticate again.

Also, I thought of joining a pc to the domain in Subnet A, where the third dc came from, over the wan link. If the firewall is open as the engineer says it is then the pc should have no problems finding the domain in subnet A and joining it over the link.
 
Upvote 0 Downvote
True as long as the firewall is open and the PCs DNS settings are pointing to the DNS that contains the service records for abc.com.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
80
ADB100
ADB100
goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
190
goombawaho
goombawaho
andyferris
  • Locked
  • Question
DC Event logs auditing cannot be set by GPO
Replies
1
Views
67
RRankin355
RRankin355
maybeimaleo
  • Locked
  • Question
Can SMTP Be Migrated From 2008 R2 to 2019?
Replies
1
Views
59
maybeimaleo
maybeimaleo
Mighty
  • Locked
  • Question
Sending Email from Scheduled Tasks
Replies
4
Views
77
Mighty
Mighty

Part and Inventory Search

Sponsor

Back
Top