Networkpath XAD DC links clients of two different sites to wrong GPO path

Hi all,

As i resolved the problem with my upgrade failure from my master DC from OES2018 to OES 24.1 i have now another strange problem.

Short setup info:

At HO i have the master dc with IP 192.168.110.142) - Clients in this range should take \\xad.company.com (IP 192.168.110.142) for GPO's

AT BO i have 2 other DC's (one primary and second as passive) with IP 192.168.112.142 and .144) - Clients in this range should take  \\xad.company.com (IP 192.168.112.142) for GPO's


But i notice that the clients from HO and BO hops thru all 3 DC's and if the want to open path \\xad.company.com (what will not the big problem itself) the clients from BO (or HO) are not allowed to receive the GPO's from any other DC as is in their IP range exists.

Example: ping from client at HO to \\xad.company.com point to IP 192.168.112.142, after a flushdns and re-ping it points to 192.168.112.144 and after another flushdns and re-ping it point to 192.168.110.142

and this circle never stop - so means when i open the path \\xad.company.com on the client  at HO or BO it never points to the correct DC and cannot receive the GPOS correctly.

What it should be: clients from HO must always receive  \\xad.company.com point with IP 192.168.110.142 and clients from BO must always receive \\xad.company.com point with IP 192.168.112.142


If "mixed mode" is also possible (what makes more sense, because if one DC fails, the clients from HO and BO can switch to the next available DC) it would be better.


At the DNS/DHCP console the DHCP and DNS servers assigned correctly to each Zone for HO and BO so i don't know where the problem is.


Any ideas?

  • 0

    Update: i guess i have still problems with server authentification which cause the GPO sync errors,

    In MMC console i can choose Master DC (HO) as Directoryserver without probs, also i can edit GPO's

    when i choose now the second DC (passive DC BO) as Directoryserver to edit the GPO's i can see the GPO' but im not able to edit because i get error "access denied" in MMC

    And when i want to choose the third DC (primary DC (BO)  as Directoryserver i get the error "could not establish connection to DC - login failed: unknown User or wrong Password) 

  • 0 in reply to 

    Update: After spendening the last 5 days with tryouts, which ends up finally screw up my 5 servers completely with the upgrade, destroying my eDir database and desperate me too much i rolled back to my previous OES 2018 SP3 backups.

    Anyway, if someone can give me infos, why this prob with XAD occours please don't hesitate to drop your inputs in here.

    Maybe i will be motivate after a longer break for my nerves to try the upgrade again...

  • Suggested Answer

    0 in reply to 

    That is DSfW. I always fear to break something in DSfW, if a bigger update is to be done. In my memory at least every second update ended in problems. Therefore I do those only over the weekend, that I have enough time to resolve the problems or roll back to the previous version. The last upgrade - but only for a single DC - to OES 2023 from OES 2018SP3 went, besides from the problems, which are observed  on every OES server in this scenario, quite well. But I always upgrade all non DSfW OES servers before I touch the DSfW server - thus I already know all problems of the pure OES upgrade process, so that I have only to deal extra with the DSfW specific problems in this upgrade.

    For DSfW it is extremely essential, that the configuration contained in the /etc/sysconfig/novell directory is correct, especially xad, edir and oes-ldap as well as the ldap_servers, as the values there are taken for the upgrade scripts instead of the values of the real configuration files. If those files contain something, which was changed in the real configuration files, the upgrade scripts changes those settings to the values of the sysconfig files and you can imagine, that this can break almost everything. Also you need to run the upgrade on a DSfW server  via a graphical console,  because the upgrade script needs to open a graphical interface, where you can check and adapt several settings.

  • 0 in reply to 
    For DSfW it is extremely essential, that the configuration contained in the /etc/sysconfig/novell directory is correct,

    I executed the oes upgrade check script before upgrading and especially on the DsFW/DNS/DHCP servers were no changes between the values of /etc/sysconfig/novell found. Some changes were found on the two other servers which only provides eDir, Imanager, NSS, Iprint and some other stuff but also there were no changes which i really have to correct, so it was very weired...

    Lets see, i will give it this weekend another chance