In my company we have two domain controllers PDC (primary one), ADC (Additional one). upon user authentication the Additional domain controller is not involved in any user authentication.
we have checked the replication and it's OK. we have checked the DNS and it seems OK.
is there a place to check to see if some is wrong or not?
not involved in any user authentication.
how are you validating that? You should be able to sinkhole the functional DC name and fqdn in the hosts file on a client and force authentication on the other DC. Also need to include the output ofnltest /dsgetdc:domain.name /server: otherDC
.