How to check cloud connectors have appropriate domain and forest access

book

Article ID: CTX319910

calendar_today

Updated On:

Description

How to check cloud connectors have appropriate domain and forest access.

Instructions

On each connector in the environment run the powershell commands below.
These commands should run and not return errors.

$DomainFQDN = "domain1.forest.local"
$ForestFQDN = "forest.local"
Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters DynamicSiteName
nltest /dsgetsite
nltest /dsgetdc:$DomainFQDN
nltest /dsgetdc:$DomainFQDN /gc /force
nltest /dnsgetdc:$DomainFQDN
nltest /dsgetdc:$ForestFQDN
nltest /dsgetdc:$ForestFQDN /gc /force
nltest /dnsgetdc:$ForestFQDN

#Connector equivalent commands which should have matching output
$FormatEnumerationLimit=-1
$forestName =[System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain().forest.name
[System.DirectoryServices.ActiveDirectory.Forest]::GetForest((New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext -Args @([System.DirectoryServices.ActiveDirectory.DirectoryContextType]::Forest, $forestName)))
$Forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
$Forest.Domains

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"