I'm having several problems with my domain right now, and I believe it is coming from an authentication error from all of the clients that are connecting to my DC. I'm running two servers; (1) DC w/ server 2003 sp2, and (1) Exch server w/ 2003 sp2. I was forced to run the DISA GoldDisk on my servers, and since then nothing has worked right. DISA GoldDisk is a collection of hotfixes, patches, and changes to group policies that harden servers to DoD standards. I can't simply uninstall or wipe the servers since we're online right now. All I have is internet browsing. I've looked up all of my errors I'm getting, and they all lead me in different directions.
My exchange services won't start. MSExchangeSA is giving me an error, event id 1005. Unexpected error Logon failure: unknown user name or bad password. Facility: LDAP Provider ID no: 9007052e Microsoft Exchange System Attendant occured.
Also, Userenv is giving me a event id 1053: Windows cannot determine the suer or computer name. (Access is denied.). Group Policy processing aborted.
Steps I've taken with this:
Ran setup.exe /domainprep again to reset the servers permissions
Scrubbed the Local, Domain, and Domain Controller security policies (might of missed something, don't know exactly what I'm looking for)
Ran gpupdate /force MANY times.
I can't connect to our domain controller shares with a \\<ip addr> when I'm on a user account. I can do this just fine when I'm on a Domain Admin account. Haven't been able to figure this one out, but I'm sure it's related to the rest of my problems. The funny thing is, if I log on to a client with a local account, I can get to the shares. The error I'm getting is:
\\<ip addr> is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
None of our network print shares (we tried on our DC and Exch servers) are working. For users, they don't show in active directory, but they do if you're logged in as a domain admin.
All of these sound they're related, I've tried to drop the security policies on the DC, i checked the time and synced it with another time source, and still no joy. Everyone can log on and surf the internet though.