GreyHippo
asked on
I can't add new group policies on additional domain controller
I added a Windows 2008 R2 server as a domain controller to an existing windows 2003 domain. I ran all the adprep commands before I added the server. When I try to open GP management, I receive an error message "The domain.com forest could not be loaded and will be removed. The error message was: Unspecified error."
What do I need to do to be able to run group policy from the new server.
What do I need to do to be able to run group policy from the new server.
Before you promoted the 2K8 R2 DC did you run the adprep /domainprep /gpprep ? /gpprep is done for group policy so that they compatible across different OS versions. 2008 has features that 2003 does not have and this command is necessary.
You would run this command on the Infrastructure Master holder.
You would run this command on the Infrastructure Master holder.
ASKER
Yes.
ASKER
I am not able to edit the GPs thru the GP management console but I can access them thru Server Manager. I was able to create a GP and link to an OU.
Why can't I access it thru GP Management console?
Why can't I access it thru GP Management console?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Not sure why I had to re-add my domain but it worked
ASKER
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\administrator.dom
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = server2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\se
Starting test: Connectivity
......................... server2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\se
Starting test: Advertising
......................... server2 passed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... server2 passed test FrsEvent
Starting test: DFSREvent
......................... server2 passed test DFSREvent
Starting test: SysVolCheck
......................... server2 passed test SysVolCheck
Starting test: KccEvent
......................... server2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... server2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... server2 passed test MachineAccount
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=local
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=local
......................... server2 failed test NCSecDesc
Starting test: NetLogons
......................... server2 passed test NetLogons
Starting test: ObjectsReplicated
......................... server2 passed test ObjectsReplicated
Starting test: Replications
......................... server2 passed test Replications
Starting test: RidManager
......................... server2 passed test RidManager
Starting test: Services
......................... server2 passed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000457
Time Generated: 08/30/2012 08:08:30
Event String:
Driver Xerox WorkCentre 7428 PS required for printer !!domain-SERVER2!
Xerox WorkCentre 7428 PS is unknown. Contact the administrator to install the dr
iver before you log in again.
......................... server2 failed test SystemLog
Starting test: VerifyReferences
......................... server2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : local
Starting test: CheckSDRefDom
......................... local passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... local passed test CrossRefValidation
Running enterprise tests on : local.domain.com
Starting test: LocatorCheck
......................... local.domain.com passed test LocatorCheck
Starting test: Intersite
......................... local.domain.com passed test Intersite
C:\Users\administrator.dom