Tải bản đầy đủ (.ppt) (26 trang)
  1. Trang chủ
    2. >>
  2. Lớp 10
    3. >>
  3. Lịch sử

10-Troubleshooting Active Directory, DNS, and Replication Issues

Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (329.66 KB, 26 trang )

<span class='text_page_counter'>(1)</span><div class='page_container' data-page=1></div>
<span class='text_page_counter'>(2)</span><div class='page_container' data-page=2>

Module Overview



Troubleshooting Active Directory Domain Services



Troubleshooting DNS Integration with AD DS



</div>
<span class='text_page_counter'>(3)</span><div class='page_container' data-page=3>

Lesson 1: Troubleshooting Active Directory


Domain Services



Introduction to AD DS Troubleshooting



Discussion: How to Troubleshoot Active Directory Domain


Services Issues



Troubleshooting User Access Errors



Demonstration: Tools for Troubleshooting User


Access Errors



</div>
<span class='text_page_counter'>(4)</span><div class='page_container' data-page=4>

Introduction to AD DS Troubleshooting



<b>Active Directory troubleshooting begins when:</b>





•<b> Users report authentication or authorization errors</b>


• <b>Active Directory related events appear in the Event Viewer</b>


• <b>Domain controller performance is degraded </b>



• <b>An alert is generated by a monitoring system </b>




</div>
<span class='text_page_counter'>(5)</span><div class='page_container' data-page=5>

Discussion: How to Troubleshoot Active Directory


Domain Services Issues



What steps would you take to troubleshoot an Active


Directory issue?



What tools would you use?



</div>
<span class='text_page_counter'>(6)</span><div class='page_container' data-page=6>

Troubleshooting User Access Errors



<b>User access errors may be the result of:</b>


• <b>Network access errors </b>


• <b>Authentication errors</b>


• <b>Authorization errors </b>


<b>To address user access errors, verify: </b>


• <b>Network connectivity </b>


• <b>Time synchronization </b>


• <b>Domain controller availability </b>



• <b>User account and user </b>
<b>lockout settings </b>


</div>
<span class='text_page_counter'>(7)</span><div class='page_container' data-page=7>

Demonstration: Tools for Troubleshooting User


Access Errors



</div>
<span class='text_page_counter'>(8)</span><div class='page_container' data-page=8>

Troubleshooting Domain Controller


Performance Issues



<b>Most common performance issues include:</b><sub> </sub>


• <b>High CPU utilization</b>


• <b>High network utilization </b>


<b>To resolve performance issues:</b>
<b> Identify the processes with </b>
<b> high CPU utilization </b>





<b> Move applications or services</b>
<b> to another server</b>





<b> Monitor application specific </b>
<b> network traffic</b>






<b> Distribute Active Directory </b>
<b> and DNS roles across </b>


<b> multiple servers</b>





<b> Review and modify the </b>
<b> replication topology</b>





<b> Deploy domain controllers </b>
<b> with 64 bit hardware</b>


</div>
<span class='text_page_counter'>(9)</span><div class='page_container' data-page=9>

Lesson 2: Troubleshooting DNS Integration with


AD DS



Overview of DNS and AD DS Troubleshooting



Troubleshooting DNS Name Resolution



Troubleshooting DNS Name Registration




</div>
<span class='text_page_counter'>(10)</span><div class='page_container' data-page=10>

Overview of DNS and AD DS Troubleshooting


<b>Troubleshoot the integration of DNS and Active </b>


<b>Directory when:</b>




• <b>Users cannot log on to Active Directory </b>


• <b>Active Directory replication is failing</b>


• <b>Active Directory installation fails </b>


<b>To troubleshoot DNS and Active Directory integration, verify: </b>




• <b>DNS client and server configurations</b>


• <b>DNS name registration </b>


</div>
<span class='text_page_counter'>(11)</span><div class='page_container' data-page=11>

Troubleshooting DNS Name Resolution


<b>DNS name resolution may fail due to:</b>


• <b>Network connectivity issues </b>


• <b>Client configuration errors </b>


• <b>DNS server availability </b>



• <b>Name registration or DNS replication issues </b>


<b>To troubleshoot DNS name resolution: </b>


• <b>Test network connectivity by pinging the DNS server </b>
<b>by IP address </b>


• <b>Use IPConfig to examine the client configuration </b>


• <b>Use NSLookup to verify server availability </b>


• <b>Flush the DNS cache </b>


</div>
<span class='text_page_counter'>(12)</span><div class='page_container' data-page=12>

Troubleshooting DNS Name Registration


<b>DNS name registration may fail due to:</b>


• <b>Client configuration errors </b>


• <b>DNS server availability </b>


• <b>DNS zone configuration </b>


<b>To troubleshoot DNS name registration:</b>


• <b>Verify that the client is configured to register in DNS</b>


• <b>Test DNS server availability </b>


• <b>Verify that the DNS zone is configured for</b>
<b>dynamic updates </b>



• <b>Test DNS by using the DCDiag /Test:DNS command </b>


</div>
<span class='text_page_counter'>(13)</span><div class='page_container' data-page=13>

Troubleshooting DNS Zone Replication



<b>Investigate DNS zone replication issues when:</b>


• <b>DNS-related issues are specific to certain </b>
<b>DNS server clients </b>


• <b>Zone information is not consistent on different </b>
<b>DNS servers </b>


• <b>DNS server availability </b>


• <b>Name registration or DNS replication issues </b>


<b> Troubleshoot Active Directory replication for Active Directory </b>
<b>integrated zones</b>


<b>To troubleshoot standard zone transfer issues: </b>


• <b>Verify network connectivity </b>


• <b>Verify primary server and secondary server configuration </b>


• <b>Verify Start of Authority record </b>


</div>
<span class='text_page_counter'>(14)</span><div class='page_container' data-page=14>

Lesson 3: Troubleshooting AD DS Replication




AD DS Replication Requirements



Common Replication Issues



What Is the Repadmin Tool?



What Is the DCDiag Tool?



Identifying the Cause of Replication Errors



Discussion: Troubleshooting Inter-Site AD DS


Replication Issues



</div>
<span class='text_page_counter'>(15)</span><div class='page_container' data-page=15>

AD DS Replication Requirements


<b>Active Directory replication requires: </b>


• <b>Routable IP infrastructure </b>


• <b>DNS name resolution </b>


• <b>RPC or SMTP connectivity between domain controllers </b>


• <b>Kerberos v5 authentication </b>


• <b>LDAP connectivity to install new domain controllers </b>


</div>
<span class='text_page_counter'>(16)</span><div class='page_container' data-page=16>

Common Replication Issues


Replication greatly
increases network
traffic

<b>Possible causes</b>
Replication does
not finish or occur


Replication is slow
Client computers
receive a slow
response


<b>Symptom</b>


• Sites not connected by site links


• No bridgehead server in the site group


• No domain controller online
in client site


• Not enough domain
controllers


• Inefficient site topology
and schedule


</div>
<span class='text_page_counter'>(17)</span><div class='page_container' data-page=17>

What Is the Repadmin Tool?



<b>Use the Repadmin command-line tool to:</b>


• <b>View and manually create the replication topology </b>



• <b>Force replication events between domain controllers</b>


• <b>View the replication metadata</b>


<b>Syntax: </b>


</div>
<span class='text_page_counter'>(18)</span><div class='page_container' data-page=18>

What Is the DCDiag Tool?



<b>Use the Dcdiag command-line tool to:</b>


• <b>Analyze the state of a domain controller and report </b>
<b>any problems</b>


• <b>Perform a series of tests to verify different </b>
<b>areas of the system</b>


<b>Syntax: </b>


</div>
<span class='text_page_counter'>(19)</span><div class='page_container' data-page=19>

Identifying the Cause of Replication Errors



• <b>System monitor NTDS counters</b>
<b> Testing method</b>


Sites are not
connected by
site links


No bridgehead
server in the site
Inefficient site


topology and
schedule


<b>Possible causes </b>


• <b>Dcdiag /test:Topology</b>


• <b>Repadmin /bridgeheads</b>


• <b>Repadmin /latency</b>


No domain controller


online in the site •<sub>•</sub> <b>Dcdiag /test:Replication<sub>Dcdiag /test:Connectivity</sub></b>
Not enough domain


controllers
Incorrect site
topology


• <b>Active Directory Sites and Services</b>


• <b>Repadmin /latency</b>


</div>
<span class='text_page_counter'>(20)</span><div class='page_container' data-page=20>

Discussion: Troubleshooting Inter-Site AD DS


Replication Issues



What steps would you take to troubleshoot an Active


Directory replication issue?




</div>
<span class='text_page_counter'>(21)</span><div class='page_container' data-page=21>

Troubleshooting Distributed File


Replication Issues





•<b> Windows Server 2008 uses FRS or DFSR to replicate the </b>
<b> SYSVOL directory between domain controllers</b>


• <b>Both FRS and DFRS require LDAP and RPC connectivity </b>
<b>between domain controllers </b>


• <b>Use Ntfrsutl and FRSDiag to troubleshoot FRS replication </b>


• <b>Use DFSRAdmin to troubleshoot DFRS replication </b>


</div>
<span class='text_page_counter'>(22)</span><div class='page_container' data-page=22>

Lab: Troubleshooting Active Directory, DNS, and


Replication Issues



Exercise 1: Troubleshooting Authentication and


Authorization Errors



Exercise 2: Troubleshooting the Integration of DNS and


AD DS



Exercise 3: Troubleshooting AD DS Replication



Logon information


Virtual machine

<b>NYC-DC1<sub>CL1</sub></b> , <b></b>



NYC-User name

<b>Administrator </b>



Password

<b>Pa$$w0rd</b>



</div>
<span class='text_page_counter'>(23)</span><div class='page_container' data-page=23>

Lab Review



If the Los Angeles office was configured as a separate site,


what additional steps would you need to take to



troubleshoot Scenario #5?



</div>
<span class='text_page_counter'>(24)</span><div class='page_container' data-page=24>

Module Review and Takeaways



Considerations



Tools



</div>
<span class='text_page_counter'>(25)</span><div class='page_container' data-page=25>

Beta Feedback Tool



Beta feedback tool helps:



 Collect student roster information, module feedback, and


course evaluations.


 Identify and sort the changes that students request, thereby


facilitating a quick team triage.


 Save data to a database in SQL Server that you can later



query.


</div>
<span class='text_page_counter'>(26)</span><div class='page_container' data-page=26>

Beta Feedback



<b>Overall flow of module:</b>



 Which topics did you think flowed smoothly, from topic to


topic?


 Was something taught out of order?


<b>Pacing:</b>



 Were you able to keep up? Are there any places where the


pace felt too slow?


 Were you able to process what the instructor said before


moving on to next topic?


 Did you have ample time to reflect on what you learned? Did


you have time to formulate and ask questions?

<b>Learner activities:</b>



 Which demos helped you learn the most? Why do you think



that is?


 Did the lab help you synthesize the content in the module?


Did it help you to understand how you can use this
knowledge in your work environment?


 Were there any discussion questions or reflection questions


</div>

<!--links-->

Tài liệu liên quan

Tài liệu bạn tìm kiếm đã sẵn sàng tải về

Tải bản đầy đủ ngay
×