Active Directory communication fails on multihomed domain controllers
Article ID: 272294
This article was previously published under Q272294
In a Windows 2000 domain that has multihomed domain controllers, Active Directory communication, including replication, may fail intermittently.
This issue can occur if one of the network adapters on the multihomed domain controller is attached to an external network (such as the Internet), and if Lightweight Directory Access Protocol (LDAP) and Kerberos traffic between the internal and external networks is partially or completely restricted by a proxy, ISA Server, NAT server, or another firewall device.
In this scenario, network adapters on the multihomed domain controllers are registering both the inside and outside Internet Protocol (IP) addresses with the DNS server. DNS name resolution lookup requests return records in a "round robin" fashion, alternating the internal and external IP addresses. Replication operations require multiple lookup requests of SRV records. In this case, half of the DNS lookup requests return an IP address that cannot be contacted, and the replication operation fails.
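The check below is an added example, not part of the original article: it reads A records from a zone export and flags names that resolve to addresses outside the internal network, along with the approximate share of round-robin answers that would point at the blocked address. The host names, addresses, zone-export line format and the 10.0.0.0/8 internal range are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: A records as they might appear in a DNS zone export.
# Host names and addresses are made up for illustration.
SAMPLE_ZONE = """\
dc1.corp.example.    A    10.0.0.10
dc1.corp.example.    A    203.0.113.25
dc2.corp.example.    A    10.0.0.11
corp.example.        A    10.0.0.10
corp.example.        A    203.0.113.25
"""

# Assumption: the internal network the domain controllers replicate over.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def parse_a_records(text):
    """Return {name: [IPv4Address, ...]} from 'name A address' lines."""
    records = defaultdict(list)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 3 and fields[1].upper() == "A":
            name = fields[0].rstrip(".").lower()
            records[name].append(ipaddress.ip_address(fields[2]))
    return dict(records)


def audit(records, internal_nets=INTERNAL_NETS):
    """Flag names whose A records include addresses outside internal_nets."""
    findings = {}
    for name, addrs in records.items():
        external = [a for a in addrs
                    if not any(a in net for net in internal_nets)]
        if external:
            # With round-robin ordering each record is returned first about
            # equally often, so this share approximates failed lookups.
            findings[name] = {
                "external": [str(a) for a in external],
                "unreachable_share": len(external) / len(addrs),
            }
    return findings


if __name__ == "__main__":
    for name, info in audit(parse_a_records(SAMPLE_ZONE)).items():
        print(name, info["external"], f"{info['unreachable_share']:.0%}")
```
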
To resolve this issue:
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
- Symptoms of multihomed browsers (http://support.microsoft.com/kb/191611/)
- How to enable or disable DNS updates in Windows 2000 and in Windows Server 2003 (http://support.microsoft.com/kb/246804/)
Article ID: 272294 - Last Review: April 17, 2007 - Revision: 3.4