Domain Security Policy - Access Denied

From: Someone There (notreal_at_notreal.com)
Date: 02/10/04 

Date: Mon, 9 Feb 2004 22:22:03 -0500

Yep, pretty much what it says and the first time I've ever seen/heard of it.
    In this particular case, the client has Windows 2003 Enterprise and
Windows 2000 Advanced Controllers.
    The domain was setup as 'companyname'.local and worked fine. Win2k ADV
was then joined.
    Next SQL Server 2000 was installed on Win2k ADV but complained about the
domain needing to be in Native mode. Strangely and obviously it was in Mixed
mode.
    The domain functional level was then raised to Win2k Native mode.
    Following this, Sql decided to complain about permissions and what have
you, so it was set to log on via local system.
    After rebooting the machines and making sure replication worked.... I
can no longer access the Domain Security Policy or Domain Controller
Security Policy.
     I don't have the exact event ID on me at time of this writing (will
post in the morning when I get to work if needed)...
    but quite simply it pops up and says 'Access Denied.' Relating to
registry.pol and GPT.ini
    Also, after this... dcdiag no longer reports anything working and
complains about the domain being down.
        "down (sysvol)" but logins are processed properly. Further, the DC's
can no longer access one another properly using
    Administrator, or another account with admin privileges.

I've combed the net and newsgroups/forums but found nothing. One person
experiencing something similar eventually caved and formatted.... that is
something that needs to be avoided. If needed... so be it... but otherwise
avoided.

Any links, info, etc... would be greatly appreciated.

Thanks guys.
JC

Relevant Pages

  • Re: Switch from mixed to native mode : risks ?
    ... Before making the switch have backups of all DCs ... # Jorge de Almeida Pinto # MVP Windows Server - Directory Services ... I want to switch my domain to native mode. ... I want to know if there is any risk for: ...
    (microsoft.public.windows.server.migration)
  • Re: Switch from mixed to native mode : risks ?
    ... Before making the switch have backups of all DCs ... # Jorge de Almeida Pinto # MVP Windows Server - Directory Services ... I want to switch my domain to native mode. ... I want to know if there is any risk for: ...
    (microsoft.public.windows.server.migration)
  • Re: running "old" WIN98/Me programmes with XP: specific questions
    ... You can use the /savecred option to save it the first time the password is ... 2004 Windows MVP "Winny" Award ... But for a user with limited account, ... I can have all three programs running for a user with limited account> if they launch the programme with Administrator priviledges. ...
    (microsoft.public.windowsxp.general)
  • RE: What is the official/semi-official positon of Fedora on KDE?
    ... | the standard fedora kde to the kde-redhat project ... For the first time since the ol' ... What's an option to windows worth if you ... | upgrade to FC4 (yes, I know I'm dreaming, of course I ...
    (Fedora)
  • Re: 2003 native mode with NT4 DCs
    ... You can't move to Windows 2003 native mode with NT4 BDC's still in the mix. ... > I am faced with a scenario where I want to move a mixed mode 2003/NT4 ...
    (microsoft.public.win2000.active_directory)