Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 129
  • Last Modified:

Windows 2000 Client doesn't connect to Windows 2000/2003 domain correctly

This is a really odd situation which is why I'm having a hard time finding any documentation to resolve it.  I have two DC's one running Windows 2000 and the other running Windows 2003.  All my client machines are running Windows 2000, but they are located in two subnets.  One subnet is the same as the servers is running just fine, but the other subnet clients can't connect to the printers and they get "Disk Full" errors when trying to save on the file server.  This is really bazarr but this issue surfaced about the same time as I upgraded AD to accomindate the 2003 server.  Just for kicks, I brought one machine from the other subnet over plugged it in and everythign works fine.  This rules out any updates or viruses for the time being.  I've even configured the network cards exactly the same as my test machine in the working subnet... no change.  One of the machines is receiving a 5789 DNS error "Access Denied"  but the others are not.   This machine is giving me an LDAP error while running NetDiag, but DCDIAG is passing.  The LDAP is the "SPN registration is missing", but I've unjoined this computer and joined it multiple times and still nothign.  Is there another program here that I'm missing, somethign that shows me I don't have a complete connection or somethign????


Thanks
0
Mach03
Asked:
Mach03
  • 3
  • 2
1 Solution
 
mikeleebrlaCommented:
firstly can the pcs in the non-DC subnet ping your DCs??
can you explain more about your printing setup?  how do your users print? via IP or print server?  in either case can they ping the ip of the printer or the print server?

what method did you use to upgrade your domain to 2003??? it sounds as though you are running in 2000 native mode right?

this link will tell you how to properly upgrade your domain from 2000 to 2003:
http://www.commodore.ca/windows/windows_2003_upgrade.htm

this link will exlain different 2003 functional levels:
http://www.computerperformance.co.uk/w2k3/w2k3_mixedvnative.htm
0
 
Mach03Author Commented:
yes, the non-dc subnet can ping the DCs and it allows then to login.  I've done a test by changing a group policy and the setting are pushed through.  From a security standpoint, I have both set in the same OU with the same settings, so I'm ruling that out.

The printers are a standard IP share from on the DC's and yes they can ping that server.   Since it's on of the DC's it running DNS and I have it set to my primary DNS.  When I run Nslookup it connected and gives my various IPs of sites all over the world.

The method I did was a default action that the Windows 2003 setup did when I ran dcpromo on the 03 server.  It detected that my 2000 domain (yes native mode) wasn't prepaired for the 2003 server and it asked me to upgrade the domain before I did. I shifted the Domain Naming Master & RID Master FSMO's to the server running 2000 (PDC) and ran the "prepair 2000 domain for 2003" wizard.  Once that was done, I ran dcpromo on the 03 server and sync the AD.

I'm back over in the non-dc subnet, brought the machine back and it's still not working properly.  The good news is I ran netdiag.. no errors.  I ran dcdiag on both of my DC's.. not errors neither.  However, printer and file shares are still giving me issues.  If I have all the settings the exact same, but just move the pc from one building to the next, how can this be?  The DNS servers, WINS server, and gateway are all connected and pingable (is that a word?) but still no method to the madness.
0
 
mikeleebrlaCommented:
i think i may have missed something when i first read this post,,, is this happening for just one machine, or on all machines in the non-DC subnet?? If it is happening on just one machine i would remove it from the domain, reboot it, rename it, reboot it, and then re-add it to the domain, reboot.  This will give this computer a whole new account in AD.  
0
 
Mach03Author Commented:
Good point, it's happening with all the computers on that subnet.   One machine I did remove it, rename it, and rejoin it.  Still nothing.  
0
 
Mach03Author Commented:
Okay, now I'm getting a DCOM 10003 error.  "Access denied attempting to launch a DCOM Server using DefaultLaunchPermission.  The server is {00020906-0000-0000-C000-0000000046}  The user is Unavailable/Unavailable, SID=Unavailable.

I've search the internet, but I haven't found any REAL descriptions to this probme or how to fine the {0002~46} server.  
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now