Can't Browse a DC

From: Bruce D. Meyer (bdmeyer44_at_msn.com)
Date: 12/12/04


Date: Sat, 11 Dec 2004 20:00:27 -0500

We are running in Mixed mode. Two Windows 2003 Servers as DCs for domain2,
and an older NT4 domain (we'll call it domain1). A two-way trust has been in
place for over a year.

I can log in to a Windows 2000 workstation on domain1, browse to domain2,
and pick server, the DC that is forest root for domain2, double-click on
it and see sysvol and netlogon. When I try the same thing with server 2, on
the same domain (domain2), I get an error:
\\server2 is not accessible. There are currently no logon servers available
to service the logon request.

Looking at the event log, on server2 I see Error 5719 NETLOGON. I have spent
two days reading every KB article, Windows Help and Support Center,
googling, etc. Nothing seems to apply. I can open up a command shell and do
a net use with the domain username line, and I can then browse that
machine. Useless, I know, but still a result.
Trying some stuff from the server itself, trying to pull user info from
domain1, I get:

'The Trust relationship between the primary domain and the trusted domain
failed.'

I again googled, etc., but found nothing that worked.

Some background:

Server2 had ip 1.2.3.4 in a previous life 2 months ago.
I used that highly underpowered hardware for a less important task, and
recreated Server2 on a more properly suited piece of hardware. It now has a
different IP address (let's say 1.2.4.5).

I removed all mappings from domain1's WINS server. Later I added static
WINS mappings for this server (on domain1's WINS server). We are not running
WINS on any domain2 servers. I flushed DNS everywhere, and even brought
Server2 down for a weekend. I have an lmhosts file, created yesterday, on
server2 pointing to some key servers on the NT network at domain1.

I have tried everything short of breaking and recreating the trusts on
server1 of domain2 (the AD Root DC, GC). For what it's worth, the
infrastructure FSMO is on server2 (domain2).

This server isn't an upgrade; it's a fdisked new install. Also, the original
server2 was Windows 2000, and is now Windows 2003. It was Windows 2000 at
the time the trusts were created.

Please ask me any questions you want; I don't even know where to begin
troubleshooting this. Users from domain1 absolutely will need to be able to
access shares, and also applications on server2 need to be able to browse
everything they need on domain1.

I apologize if this is not worded clearly enough.

Bruce D. Meyer


