Newly added Windows Server 2003 Domain Controller won't authenticate anything

Posted on 2008-11-11
Last Modified: 2012-05-05
I have a Windows Server 2003 network that had only one domain controller.  I have recently promoted another server on the domain to function as a second domain controller and a second DNS server.   When I power down the original domain controller and try to log into the domain on a workstation that is part of the domain, I get the error that no domain controller is available to authenticate and network resources are not available.  Why won't the second domain controller provide the authentication?

The new DC is also a Global Catalog server and I installed DNS on the new DC as well.  I put in the address of the new DC for DNS in my DHCP scope and still it wont authenticate.  I even tried a fixed address and DNS and that does not work either.  I can however pull up Active Directory Users and Computers on both DCs to access AD; the only problem is that the second DC will not authenticate anything when the original is turned off.  I cant think of anything else to try.
Question by:RecompLLC
    LVL 15

    Accepted Solution

    Have you confirmed that the SYSVOL folder has replicated successfully to the second DC?

    You said you had added the second server as the secondary DNS address in your client's DHCP scope, but have you done a "ipconfig /release && ipconfig /renew" on a client to confirm that it is pulling down the proper data?
    LVL 59

    Expert Comment

    by:Darius Ghassem
    Try to do an ipconfig /flushdns. Are you getting any errors in the Event Log of the new DC. Do a netdiag /fix then a netdiag then post results.

    Author Comment

    dfxdeimos,  You are correct, the SYSVOL folder is not being properly replicated that must be the problem.  Any suggestions on how I can get this folder to replicate properly?  What whould happen if I manually copied the data in this folder and subfolders to the new DC?

    Regarding the DHCP scope, yes I did make sure the clients were releasing and renewing and getting the proper information.
    LVL 59

    Assisted Solution

    by:Darius Ghassem
    The burflag method will replicate the SYSVOl.
    LVL 15

    Expert Comment

    Dariusq is correct, the method he posted should help you resolve the SYSVOL replication issue, which in turn should solve your root issue.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
    On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now