GPP issues on Windows 2008 Terminal Server
Hi All,
I had a windows 2003 AD with win2K8 STD. X64. Everything was working fine until I migrated the network to a new windows 2008 R2 AD. I have enabled printers and drive mapping using GPP. I had some issued with windows Xp but those were solved by patching with the MS client side patch. The problem starts with a windows 2008 STD. That functioned as a TS. It refuses to accept the new GPO/ GPP. I was not able to find a patch for client side for win2k8 nor do I know if it even exist. I have removed server from domain and re-added and patched latest nic drivers but with no luck.
I have another client with a similar envir and their win2k8 works fine with the win2k8 R2 Ad. I have also fully patched the server. I have also disabled the GPO printer settings for getting printers only from certain servers.
Anyone else is or was having issues with win2k8 STD ( which is really Vista) on a win2k8 R2 domain?
Thanks for your help.
I had a windows 2003 AD with win2K8 STD. X64. Everything was working fine until I migrated the network to a new windows 2008 R2 AD. I have enabled printers and drive mapping using GPP. I had some issued with windows Xp but those were solved by patching with the MS client side patch. The problem starts with a windows 2008 STD. That functioned as a TS. It refuses to accept the new GPO/ GPP. I was not able to find a patch for client side for win2k8 nor do I know if it even exist. I have removed server from domain and re-added and patched latest nic drivers but with no luck.
I have another client with a similar envir and their win2k8 works fine with the win2k8 R2 Ad. I have also fully patched the server. I have also disabled the GPO printer settings for getting printers only from certain servers.
Anyone else is or was having issues with win2k8 STD ( which is really Vista) on a win2k8 R2 domain?
Thanks for your help.
Did you change DNS server in DHCP. Often times Improper DNS settings are the downfall of Group Policy.
ASKER
The server has a static ip. I did change the priority on the dns servers so that the newly added 2k8r2 is the first on the list of dns servers and the old win 2k3 ad with it's dns as the second of the list. From what I could tell both dns servers are happy.
Hi,
Can you please try to make a simple GPO or GPP & not amend the one's which were existing from the old environment?
Let's see if the Server takes the GP or is it totally denying it? Please reboot the server after you apply GPO & post the GPO you configure for test.
A
Can you please try to make a simple GPO or GPP & not amend the one's which were existing from the old environment?
Let's see if the Server takes the GP or is it totally denying it? Please reboot the server after you apply GPO & post the GPO you configure for test.
A
ASKER
The two polices are new. I think I am going to remove the old profile from the server.
The point is to make a new policy which didn't exist in the old environment, all what we want to see is if the GP processing is working or not?
ASKER
Yeah, I created these 2 new polices on the new R2. O.K so I have an update, I contacted MS to get a hold of that patch fix289883. That apparently can only be downloaded by emailing MS. Anyway, they sent me the file, I downloaded and install, and indeed my Win 2K8 TS boots up. The only issue it reports that it could not map the desktop and my doc, and the error shows the path of the old server. I did GPresult /r and saw that I am still getting GPO from the old BDC which is Win2K3. The old BDC is still alive, but it is not GC. I moved all roles to the new R2. I have the feeling I need to demote it completely don't i?
If you have move everything I don't see any harm doing it.
ASKER
Thats what I am going to do. Its driving me crazy that the server still look for the redirected folders on the old non existing AD. I rebooted 4 times and it still says that the desktop and my doc cannot be found....
Thanks, I will keep you guys posted.
Thanks, I will keep you guys posted.
ASKER
OK old Win2K3 BDC removed. Now I have only a single AD on Win2K8 R2. DNS also removed from old Win2K3.
Here is the event ID I am getting when logging in to the Win2K8 TS:
Log Name: Application
Source: Microsoft-Windows-Folder Redirection
Date: 10/11/2011 1:52:34 PM
Event ID: 502
Task Category: None
Level: Error
Keywords: Classic
User: DOMAIN\administrator
Computer: TS.domain.com
Description:
Failed to apply policy and redirect folder "Videos" to "\\NEWSERVER\UserProfiles\
Redirection options=80009211.
The following error occurred: "Failed to build the list of regular subfolders under "\\OLDSERVER\Users Profiles\administrator\My Documents\My Videos"".
Error details: "Logon Failure: The target account name is incorrect.
".
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Fo
<EventID Qualifiers="49152">502</Ev
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2011-10-11T20:
<EventRecordID>36305</Even
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Chan
<Computer>TS.domain.com</C
<Security UserID="S-1-5-21-714707875
</System>
<EventData Name="EVENT_FDEPLOY_Failed
<Data Name="FromFolder">Videos</
<Data Name="ToFolder">\\NEWSERVE
<Data Name="Options">80009211</D
<Data Name="Error">Failed to build the list of regular subfolders under "\\OLDSERVER\Users Profiles\administrator\My Documents\My Videos"</Data>
<Data Name="ErrorDetails">Logon Failure: The target account name is incorrect.
</Data>
<Binary>74050780</Binary>
</EventData>
</Event>
Also, see screen shoot when logging in to the TS. (BSTDC01 = old AD, does not exist anymore).
Capture.PNG
Here is the event ID I am getting when logging in to the Win2K8 TS:
Log Name: Application
Source: Microsoft-Windows-Folder Redirection
Date: 10/11/2011 1:52:34 PM
Event ID: 502
Task Category: None
Level: Error
Keywords: Classic
User: DOMAIN\administrator
Computer: TS.domain.com
Description:
Failed to apply policy and redirect folder "Videos" to "\\NEWSERVER\UserProfiles\
Redirection options=80009211.
The following error occurred: "Failed to build the list of regular subfolders under "\\OLDSERVER\Users Profiles\administrator\My Documents\My Videos"".
Error details: "Logon Failure: The target account name is incorrect.
".
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Fo
<EventID Qualifiers="49152">502</Ev
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2011-10-11T20:
<EventRecordID>36305</Even
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Chan
<Computer>TS.domain.com</C
<Security UserID="S-1-5-21-714707875
</System>
<EventData Name="EVENT_FDEPLOY_Failed
<Data Name="FromFolder">Videos</
<Data Name="ToFolder">\\NEWSERVE
<Data Name="Options">80009211</D
<Data Name="Error">Failed to build the list of regular subfolders under "\\OLDSERVER\Users Profiles\administrator\My Documents\My Videos"</Data>
<Data Name="ErrorDetails">Logon Failure: The target account name is incorrect.
</Data>
<Binary>74050780</Binary>
</EventData>
</Event>
Also, see screen shoot when logging in to the TS. (BSTDC01 = old AD, does not exist anymore).
Capture.PNG
Can you try something;
Define DNS in your Workstation for the new DC, flushdns or reboot & see what happens?
Define DNS in your Workstation for the new DC, flushdns or reboot & see what happens?
ASKER
You know I am starting to think its a Folder Redirection Permissions on the folders themselves.... I lost them since I reinstalled the OS on the file server (which is also the new AD).... I am searching for an article on what is the default permissions on the redirected folder location.
As to DNS, the TS has a static IP with DNS that points to 10.0.1.1 which is the new AD and DNS. I rebooted several times, and did not see any change. As to workstations, they use a DHCP (also on new server). The DHCP has a DNS of 10.0.1.1 as well.
Where were you going with this?
As to DNS, the TS has a static IP with DNS that points to 10.0.1.1 which is the new AD and DNS. I rebooted several times, and did not see any change. As to workstations, they use a DHCP (also on new server). The DHCP has a DNS of 10.0.1.1 as well.
Where were you going with this?
Alright, it seems that this is the exact thing:
http://www.nebev.net/blog/?p=258
I am really feeling bad that I can't exactly give you one stop solution, the problem is I can't replicate the issue, it will just take too long to recreate it :(
A
http://www.nebev.net/blog/?p=258
I am really feeling bad that I can't exactly give you one stop solution, the problem is I can't replicate the issue, it will just take too long to recreate it :(
A
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No worries my friend you have done more than enough! The first link, I am not so sure that is the problem since I was not able to find the KB. Second link is awesome, I will make changes after hours when users are off and about.
I will keep you posted.
Thank you very much for your help. You have been awesome.
I will keep you posted.
Thank you very much for your help. You have been awesome.
Great. Rest tomorrow. Signing Off now.
Thanks.