Re: Second DC cannot authenticate to other DC
From: David Everett [MSFT] (deverett_at_online.microsoft.com)
Date: 03/05/04
- Next message: SRK: "Re: Accessing LDAP to connect to ADAM instance"
- Previous message: e_sheridan: "Trust Relationship vs AD between Firewall"
- In reply to: Zef: "Second DC cannot authenticate to other DC"
- Next in thread: Bret Jones: "Re: Second DC cannot authenticate to other DC"
- Reply: Bret Jones: "Re: Second DC cannot authenticate to other DC"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 5 Mar 2004 11:15:13 -0600
Hi Brett,
1. Disconnect any mapped drives that might already exist between the two DCs
and then try and connect. If it still fails to connect open the command
line on both DCs and type the following command:
net share <enter>
2. Verify both DCs list the IPC$ share in the output. If the ADMIN shares
are not listed then make sure "AutoShareServer" is not under
HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters and
"AutoShareWks" is not under
HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters. If these
are present, delete them and reboot. After the reboot verify they do not
get added back into the registry.
3. If the IPC$ shares do exist then verify you can connect to the other DC's
IPC$ by typing the following command:
net use \\dcname\ipc$
4. See if the CrashOnAuditFail is enabled on either DC. If the value is 2
on either system do the following:
a. Save and clear the Security log.
b. Delete the CrashOnAuditFail value, recreate the REG_DWORD value and set
it to 0 or 1
c. Reboot.
-- David Everett Microsoft Corporation This posting is provided "AS IS" with no warranties, and confers no rights. "Manfred" <simonet@cdiglobal.com> wrote in message news:174401c384cf$cca46b50$a301280a@phx.gbl... "Zef" <anonymous@discussions.microsoft.com> wrote in message news:5b1001c400a5$fcc613e0$a501280a@phx.gbl... > Got a strange one. . . > > Running 2003 Small Business Server with a 2003 Standard > Server set-up as a second domain controller. All > connectivity tests are good, can ping, browse, and even > replication is working correctly. > > The problem is that if you are on the second domain > controller using Active Directory, any communication with > the SBS domain controller results in a logon prompt. No > matter what logon credentials you use, it will not allow > authentication. > > This is primarily manifesting when workstations > authenticate to the second domain controller. They get > no logon scripts, no group policy and cannot map drives > or otherwise connect to the SBS file system, although > Outlook runs just fine. > > I have also seen the problem on the second DC using > Active DIrectory Management Console. When I attempt to > logon to the SBS DC, I get the logon prompt and no > credentials will work. > > Hoping to at least get some idea on how to move forward > on this. > > Thank You > Bret Jones
- Next message: SRK: "Re: Accessing LDAP to connect to ADAM instance"
- Previous message: e_sheridan: "Trust Relationship vs AD between Firewall"
- In reply to: Zef: "Second DC cannot authenticate to other DC"
- Next in thread: Bret Jones: "Re: Second DC cannot authenticate to other DC"
- Reply: Bret Jones: "Re: Second DC cannot authenticate to other DC"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
