Forum Discussion
Weird issue accessing netlogon
Got a bit of a weird issue here...... We have just started using AAD machines via autopilot & intune and doing testing on them accessing resources on our current onprem domain, got things sorted so ...
DNS Configuration Issues
- Short name (\\domain\netlogon) and FQDN (\\domain.fqdn.gov.uk\netlogon) access rely on DNS resolution. Intermittent access might indicate:
- DNS records for the domain (A or CNAME records) are missing or inconsistent.
- Replication delays or errors in DNS.
- Split-brain DNS configuration causing mismatches between internal and external DNS views.
Solution:
- Verify DNS records for the domain
- nslookup domain
nslookup domain.fqdn.gov.u
Kerberos Name Resolution Issues
- Accessing \\domain\netlogon or \\domain.fqdn.gov.uk\netlogon relies on Kerberos authentication. If there are mismatched Service Principal Names (SPNs) or duplicate/missing SPNs, authentication can fail intermittently.
setspn -Q */domain
setspn -Q */domain.fqdn.gov.uk
SYSVOL or Netlogon Replication Issues
- Netlogon and SYSVOL folders are replicated among Domain Controllers using DFS Replication or File Replication Service (FRS). Issues here could cause intermittent accessibility.
Solution:
- Check DFSR or FRS logs for errors
Get-EventLog -LogName DFSReplication