Re: Active Directory Only Displays Local Objects

By the way, I just noticed that Exchange is running in Mixed mode
(Under Exchange System Manager, right-click the main tree root
([servername] (Exchange), choose Properties, General tab).
Should I switch to Native mode, or would this have any impact on this
issue, or on the performance of the server?

It also seems sluggish after reinstalling, but this may be due to
McAfee 8.5i being installed.

Thanks anyone.


5quiz41 wrote:
Thank you so much for your prompt reply.

I'm still puzzled, because on the computer I was testing, I *did*
re-join the domain.
I set the system to be connected to a workgroup, then I rebooted, then
went back and switched to a domain. I rebooted again, and was able to
log in using a domain username and password. I can access shares on
the server without being prompted for a password. I also manually
added the computer to the active directory Computers section.
Even then, if I bring up the Active Directory search, it will list the
domain, but when I click Find, there are no results. Or if I'm trying
to change file/directory/share permissions, and I try to enter domain
usernames, I get "this username is not found". And if I try to change
the Location, the domain controller is not in the list.

The strange thing is: the domain user whom I logged in as, is listed as
a valid user in the Permissions list. It's listed as
[domain]\[username] and not [local computer]\[username].

I'm sorry for being dense but it seems like Active Directory has some
permission set somewhere which prevents users from browsing the
directory. Is this possible? If so, where can you change Active
Directory permissions?


Thank you again!


Erik Cheizoo wrote:
The computers are not joined to the domain anymore.
I assume you have reinstalled using the same domain name. However, the
DOMAIN SID has changed, invalidating all computer memberships. Further, the
domain do not have the computer objects.

The only solution is to un-join and rejoin all computers to the domain.
Search this newsgroup for articles on joining a domain, as this has been
discussed recently. It can be done remotely if you have the local
administrator password.

My explanation why users can logon is because you have kept usernames and
passwords the same (or no passwords).

--
Kind regards,

Erik Cheizoo
eXcellence & Difference - we keep your business running
============================================
Always test in a non-production environment before implementing
Guidelines for posting: http://support.microsoft.com/?id=555375
============================================


<ryan.griggs@xxxxxxxxx> wrote in message
news:1168935863.205445.9940@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello. I have a very strange problem. From PCs which are members of
my domain, when I open the Active Directory search, I cannot find any
objects from the DC. ONLY local objects are shown.

Here is the background on this issue:

I am running a small organization on Small Business Server 2000. There
are approx. 25 PCs on the network, all set up as members of the domain.
The SBS Server is the DC.

I just re-installed SBS on the server, because the C: partition was
initially sized at 8GB and was completely full. I had to re-format the
drive to re-partition into two blocks, C: = 16GB and D: = 56GB. I
understand about unique user identifiers, etc... I had tried to back
up/restore Active Directory and restore it, following Microsoft's
directions, but each time this crashed the installation and
necessitated a reinstall. So I decided to do a clean install, then add
all the users again.

After re-connecting the SBS server to the network, I logged into a
member PC. I was still able to log in and access Outlook/Exchange, but
file sharing permissions were messed up. This is understandable since
the users' unique IDs don't exist any more.

So I removed the computer from the domain, and re-joined the domain.
Fine. Now, I want to share a folder. I can share the folder fine, but
when I attempt to set permissions on the folder, Active Directory will
only allow me to search the LOCAL computer for users. If I click the
"Locations" button, the only thing displayed is the local computer.
There is absolutely no option to search the DC for users.
If I open Network Connections and click on Search Active Directory, I
can select the DC, but when I search for ANYTHING, I get a completely
empty search result.

Why can't the computer, which is a member of the domain, see Active
Directory objects on the DC? Why is it required to ONLY search within
the local security objects?

Any suggestions or help will be greatly appreciated!!!


Thank you for your time!


.