在工程中进入到大规模工作站加入域的时候,出现了这样一种很奇怪的问题。dc是双网卡,分别对应内网及教育网段,教师多位教育网ip。可实际加入域的过程中,出现客户机无法加入域,ping dc的dns结果解析到的是内网网段,用ipconfig/flushdns刷新dns缓存,有时候又可以正确解析到教育网的ip上,这样就可以加入域了。很奇怪
让金敏胤同学帮我找了找相关的kb,找到一篇类似问题的case,目前还没有经过验证是否就是这样的,不过似乎应该就是这样了。最常见的问题就是netbios name,你这样试下把netbios over TCP 在一个网卡上禁用 试一下。
或者参考以下kb提到的解决方法 http://support.microsoft.com/kb/272294

Active Directory communication fails on multihomed domain controllers

View products that this article applies to.
Article ID:272294
Last Review:April 17, 2007
Revision:3.3
This article was previously published under Q272294

SYMPTOMS

In a Windows 2000 domain that has multihomed domain controllers, Active Directory communication, including replication, may fail intermittently.
uparrow.gifBack to the top

CAUSE

This issue can occur if one of the network adapters is attached to an external network (such as the Internet) on the multihomed domain controller, and if Lightweight Directory Access Protocol (LDAP) and Kerberos traffic between the internal and external networks is partially or completely restricted because of a Proxy, ISA Server, NAT Server or another firewall device.

In this scenario, network adapters on the multihomed domain controllers are registering both the inside and outside Internet Protocol (IP) addresses with the DNS server. DNS name resolution lookup requests return records in a "round robin" fashion, alternating the internal and external IP addresses. Replication operations require multiple lookup requests of SRV records. In this case, half of the DNS lookup requests return an IP address that cannot be contacted, and the replication operation fails.
uparrow.gifBack to the top

RESOLUTION

To resolve this issue:
1.Disable registration on the outside network adapter on the multihomed domain controller. To do so:
a. Click Start, click Settings, and then click Network and Dial-Up Connections.
b. Right-click the outside local area network (LAN) connection, and then click Properties.
c. Click TCP/IP, and then click Properties.
d. Click Advanced, and then click to clear the Register DNS for this connection check box.
2.Disable the round robin functionality on the DNS server. To do so:
a. Click Start, click Settings, click Administrative Tools, and then click DNS.
b. Open the properties for the DNS server's name.
c. Click the Advanced tab, and then click to clear the Enable round robin check box.
3.Remove the existing entries in DNS. To do so:
a. Browse to the following location:
Under DNS\ DNS Servername\Forward Lookup Zones\ Domain Name
b. Remove Host (A) record entries that refer to the domain controller's computer name for the outside network adapter IP addresses.
c. Remove Host (A) record entries for the same name as the parent folder for the network adapter IP addresses.
4.Start the DNS Management Console, right-click the server name, and then click Properties.
5.Click the Interfaces tab, and then remove the external IP address so that DNS does not listen on it.
6.Open a command prompt, type ipconfig /flushdns, press ENTER, type ipconfig /registerdns, and then press ENTER.
7.Change the binding order of your network adapters so that the Internal adapter is the first bound adapter. To do this, follow these steps:
a. Click Start, click Settings, and then click Network and Dial-Up Connections.
b. On the Advanced menu, click Advanced.
c. Verify that the internal network adapter is listed first in the Connections box.
uparrow.gifBack to the top

STATUS

This behavior is by design.
uparrow.gifBack to the top

MORE INFORMATION

For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
191611 (http://support.microsoft.com/kb/191611/) Symptoms of multihomed browsers
246804 (http://support.microsoft.com/kb/246804/) How to enable or disable DNS updates in Windows 2000 and in Windows Server 2003