Having issues for month now with pockets of users - which can change daily. Win2k8 R2 mixed with Win2k12R2 DCs. Setup SSO agent on new HV non-DC. Also setup SSO agent on new DC but disabled per SonicWall. So only the one SSO agent running.
On a daily basis, I have PCs losing their SSO Agent abilities using the CFS policies. At each station we have disabled the Windows Firewall, flushed dns, disjoined from domain, you name - we have tried it. I have a ticket with SonicWall open but not getting really any results to correct. The PCs having issues receive these errors in the Users Status window:
SSO agent reported: OS error 5: Access denied
SSO agent reported: OS error 53: Network path not found
Agent did not respond
Agent returned no user name
I do have too many DCs right now as I am migrating a few out which means too many DNS servers as well (5). I don't know how to get those PCs back online with SSO. Windows Firewall was obvious. Tried opening suggested ports but still failure so disabled totally except Public Network which is still on. Ideas?