We help IT Professionals succeed at work.

Why won't my domain users show up on this Win2k3 machine...???

Andrew Angell
on
I've been working on a workgroup environment and I recently switched to a domain controller.  I've gotten all of my machines added to the domain, including my Win2k3 web server, and everything works as expected from all machines (Windows 7) except for the Win3k server machine.

I was able to get it added to the domain without a problem and I can sign in using the domain admin account, however, when I try and set shares or access permissions only the local users are showing up for me.  I can't get the domain users/groups to show up at all.

For example, I've shared a folder on the Win2k3 machine while logged in with the domain admin account.  When I try to add users to the Permissions for the share, though, I don't see any of the domain users.  All I see are local accounts.

If I click into advanced and then try to go into Locations to switch to the domain it doesn't show up there either.  All I see there is my local computer name (which I actually changed when I joined the domain) but the domain I'm on doesn't show up there.

All of my Win7 machines show me the domain users when I share folders no problem.  Any information about how I can make this work would be greatly appreciated.  Thanks!
Comment
Watch Question

Are you seeing the computer object in the COMPUTERS OU on your domain controllers?
Have you, by any chance, renamed the 2003 server, and joined it at the same time? that seems to also cause some problems sometimes.

What I would do is the following:
First unjoin the w2k3 server from the domain. Make sure that you type a valid domain admin account when un-joining. (you will be allowed to successfully unjoin the server from the domain without propert credentials, however, this will not disable/delete the object from AD without proper credentials.

After un-joining, make sure that your w2k3 server computer name doesn't show up, and if it does, make sure you delete it, or reset the computer account.  (Since you're running in a 1 domain controller environment, you don't need to worry about replication).

After all the above is done, reboot your w2k3 server, and after the reboot, rejoin it to the domain, and make sure that the computer object is now listed in AD.

Now try to set some AD based ACLs.

Hope this helps,
Andrew AngellCo-Owner / Developer

Author

Commented:
Well, it actually does show up in AD already from the first join.  I'll go ahead and unjoin and rejoin, though, and see if that helps.  I'll update here in a bit.
Andrew AngellCo-Owner / Developer

Author

Commented:
Come to think of it I did rename the computer at the same time as I was joining the domain.  Unjoining and rejoining seems to have solved the problem.  Thanks!
No problem. Glad I could help! :)