acvj-dsiMemberFeb 21, 2008 at 5:55 am #130561
I just stumbled upon a problem that is quite new to me.
I have 2 DCs in one domain.
DC01 — is Windows 2000 Server (Master of operations)
DC02 — (secondary) is a Windows 2003 Server SP1
They were both running OK for about a year, and recently the access problems started after installing SP2 on the W3K server.
The problem is following: DC02 can access resources on DC01 only through IP address — otherwise access is denied. The odd thing is that all the users can autenticate and access share resources on any of the DCs.
I did the tests of dcdiag and netdiag as well as nslookup and replication. All seems to be in order (no errors) and yet….
I recovered an image of DC02 with only SP1 installed then I demoted the secondary DC (no errors). As long as it stays only as member server there are no problems with access to resources (so obviously it is not user rights problem). However demotion is not a solution as my company requieres to have a secondary DC for AD backup
I checked DNS zones replication as well and received no errors.
DC01 can access all the resources on DC02 but when DC02 tries to access DC01 via its name \DC01
— the access is denied. I’m logged in on both machines as Domain Admin.
Besides 2 DCs we have 4 member servers running W3k sp2 and all of them but one can access the resources on both DCs. One of then however started giving the same problem as DC02
Any ideas would be wellcomed as it’s starting to drive me nuts. Thank you! If something isn’t clear I will elaborate more (english is not my native language).
You must be logged in to reply to this topic.