Not able to connect AD Domain

cancel
Showing results for 
Search instead for 
Did you mean: 

Not able to connect AD Domain

L3 Networker

hey guys one of my clients is not able to connect in the domain some users are connecting while some are not. The users are in Location A in another city and the Domain server is from another site  I attached B the image ignore.

that is it from the firewall side or domain side issue because some are connected some are not.

3 REPLIES 3

Cyber Elite
Cyber Elite

Hi @FarhanKoujalgi ,

It seems you have forgot to attach the image.

Also your question is not very clear - at least for me. Can you try to explain your issue with more details?

There is Firewall at location a and another at location b the users are in Location hai and the domain is on location B under firewall. Some Users of Location A is able to connect the Domain which is on location B firewall. I checked the traffic are allow some are tcp reset from Client. So my concern is its any issue in under firewall what should i check.

L4 Transporter

Hi @FarhanKoujalgi 

 

thank you for providing further details.

 

I would recommend to check client logs at location A first. For Windows machines please navigate to: Event Viewer > System logs. Search for logs with Level: Error and Warning. Ideally do the same for multiple clients facing the same issue at location A to find a common pattern.

 

I would also recommend to check logs on Domain Controller side at location B. On Domain Controller side, navigate to: Event Viewer > Applications and Services Logs. By default Active Directory records only Critical and Error events. If you want to enable lower severity logs for diagnostics, you can refer to this guide: https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/configure-ad-and-lds-event-log...

 

On Firewall side, I would check Traffic logs in both locations A and B. I would recommend to narrow down search by filtering Traffic Logs for IP addresses of clients having an issue and Domain Controllers. If there is no deny logs indicating policy is blocking traffic, please add columns Bytes Sent and Bytes Received to confirm that there is a bidirectional communication that Domain Controller is responding to clients. Samples are below:

 

PavelK_0-1631016190291.png

PavelK_1-1631016341465.png

Based on result of findings in Client/Domain Controller Logs + Firewall Traffic Logs, I would set next course of action. If you still can't find anything conclusive as a next step I would recommend to install DCDiag on one of the machine: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc...

 

I hope this helps with troubleshooting.

 

Kind Regards

Pavel

 

 

 

 

Pavel Kucera
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!