Link to home
Start Free TrialLog in
Avatar of Ima Bum
Ima Bum

asked on

Why can't Users in One Site connect to their Shares in Another site ?

Users in One Site cannot resolve the Server "shares" in another Site unless an IP is used, so mapped drives are not connecting.  
So, an example would be, I can map a drive with the following unc \\10.10.20.11\sharename

Forest 2003 Functional level
Servers 2008 R2

No sure why the Forest Domain has not been upgraded to match the servers.

I can ping and resolve the server though, so it's not a DNS issue.

I inherited this challenge, and don't have a lot of history in terms of "why" this is happening or when it started, just it's "not" working.  Thanks for any feedback.

... running a dcdiag I get the following:
Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = ARIZONA

   * Identified AD Forest. 
   Done gathering initial info.


Doing initial required tests

   
   Testing server: ARIZONA-AZ\ARIZONA

      Starting test: Connectivity

         ......................... ARIZONA passed test Connectivity



Doing primary tests

   
   Testing server: ARIZONA-AZ\ARIZONA

      Starting test: Advertising

         ......................... ARIZONA passed test Advertising

      Starting test: FrsEvent

         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems. 
         ......................... ARIZONA passed test FrsEvent

      Starting test: DFSREvent

         ......................... ARIZONA passed test DFSREvent

      Starting test: SysVolCheck

         ......................... ARIZONA passed test SysVolCheck

      Starting test: KccEvent

         A warning event occurred.  EventID: 0x8000061E

            Time Generated: 12/04/2019   13:09:15

            Event String:

            All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable. 


         An error event occurred.  EventID: 0xC000051F

            Time Generated: 12/04/2019   13:09:15

            Event String:

            The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition. 


         A warning event occurred.  EventID: 0x80000749

            Time Generated: 12/04/2019   13:09:15

            Event String:

            The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site. 


         A warning event occurred.  EventID: 0x8000061E

            Time Generated: 12/04/2019   13:09:15

            Event String:

            All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable. 


         An error event occurred.  EventID: 0xC000051F

            Time Generated: 12/04/2019   13:09:15

            Event String:

            The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition. 


         A warning event occurred.  EventID: 0x80000749

            Time Generated: 12/04/2019   13:09:15

            Event String:

            The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site. 


         A warning event occurred.  EventID: 0x8000061E

            Time Generated: 12/04/2019   13:09:15

            Event String:

            All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable. 


         An error event occurred.  EventID: 0xC000051F

            Time Generated: 12/04/2019   13:09:15

            Event String:

            The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition. 


         A warning event occurred.  EventID: 0x80000749

            Time Generated: 12/04/2019   13:09:15

            Event String:

            The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site. 


         A warning event occurred.  EventID: 0x8000061E

            Time Generated: 12/04/2019   13:09:15

            Event String:

            All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable. 


         An error event occurred.  EventID: 0xC000051F

            Time Generated: 12/04/2019   13:09:15

            Event String:

            The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition. 


         A warning event occurred.  EventID: 0x80000749

            Time Generated: 12/04/2019   13:09:15

            Event String:

            The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site. 


         ......................... ARIZONA failed test KccEvent

      Starting test: KnowsOfRoleHolders

         [FILE] DsBindWithSpnEx() failed with error -2146893022,

         The target principal name is incorrect..
         Warning: FILE is the Schema Owner, but is not responding to DS RPC

         Bind.

         [FILE] LDAP bind failed with error 8341,

         A directory service error has occurred..
         Warning: FILE is the Schema Owner, but is not responding to LDAP Bind.

         Warning: FILE is the Domain Owner, but is not responding to DS RPC

         Bind.

         Warning: FILE is the Domain Owner, but is not responding to LDAP Bind.

         Warning: FILE is the PDC Owner, but is not responding to DS RPC Bind.

         Warning: FILE is the PDC Owner, but is not responding to LDAP Bind.

         Warning: FILE is the Rid Owner, but is not responding to DS RPC Bind.

         Warning: FILE is the Rid Owner, but is not responding to LDAP Bind.

         Warning: FILE is the Infrastructure Update Owner, but is not

         responding to DS RPC Bind.

         Warning: FILE is the Infrastructure Update Owner, but is not

         responding to LDAP Bind.

         ......................... ARIZONA failed test KnowsOfRoleHolders

      Starting test: MachineAccount

         ......................... ARIZONA passed test MachineAccount

      Starting test: NCSecDesc

         ......................... ARIZONA passed test NCSecDesc

      Starting test: NetLogons

         [ARIZONA] User credentials does not have permission to perform this

         operation.

         The account used for this test must have network logon privileges

         for this machine's domain.

         ......................... ARIZONA failed test NetLogons

      Starting test: ObjectsReplicated

         ......................... ARIZONA passed test ObjectsReplicated

      Starting test: Replications

         [Replications Check,ARIZONA] A recent replication attempt failed:

            From FILE to ARIZONA

            Naming Context: DC=ForestDnsZones,DC=AAAAAAABBB,DC=local

            The replication generated an error (1256):

            The remote system is not available. For information about network troubleshooting, see Windows Help.

            

            The failure occurred at 2019-12-04 13:04:13.

            The last success occurred at 2019-10-26 20:22:03.

            3713 failures have occurred since the last success.

         [Replications Check,ARIZONA] A recent replication attempt failed:

            From FILE to ARIZONA

            Naming Context: DC=DomainDnsZones,DC=AAAAAAABBB,DC=local

            The replication generated an error (1256):

            The remote system is not available. For information about network troubleshooting, see Windows Help.

            

            The failure occurred at 2019-12-04 13:04:13.

            The last success occurred at 2019-10-26 20:22:03.

            3713 failures have occurred since the last success.

         [Replications Check,ARIZONA] A recent replication attempt failed:

            From FILE to ARIZONA

            Naming Context: CN=Schema,CN=Configuration,DC=AAAAAAABBB,DC=local

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2019-12-04 13:04:13.

            The last success occurred at 2019-10-26 20:22:03.

            3713 failures have occurred since the last success.

         [Replications Check,ARIZONA] A recent replication attempt failed:

            From FILE to ARIZONA

            Naming Context: CN=Configuration,DC=AAAAAAABBB,DC=local

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2019-12-04 13:04:13.

            The last success occurred at 2019-10-26 20:22:03.

            3713 failures have occurred since the last success.

         [Replications Check,ARIZONA] A recent replication attempt failed:

            From FILE to ARIZONA

            Naming Context: DC=AAAAAAABBB,DC=local

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2019-12-04 13:04:13.

            The last success occurred at 2019-10-26 20:22:03.

            3713 failures have occurred since the last success.

         ......................... ARIZONA failed test Replications

      Starting test: RidManager

         ......................... ARIZONA failed test RidManager

      Starting test: Services

         ......................... ARIZONA passed test Services

      Starting test: SystemLog

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:12:45

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:17:46

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:22:47

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:27:49

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:32:50

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   12:34:43

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ARIZONA$. The target name used was DNS/ARIZONA.AAAAAAABBB.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:37:51

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   12:41:50

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ARIZONA$. The target name used was cifs/ARIZONA.AAAAAAABBB.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   12:42:51

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ARIZONA$. The target name used was LDAP/ARIZONA.AAAAAAABBB.local/AAAAAAABBB.local@AAAAAAABBB.LOCAL. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   12:42:51

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ARIZONA$. The target name used was ldap/ARIZONA.AAAAAAABBB.local/AAAAAAABBB.local@AAAAAAABBB.LOCAL. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:42:52

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:47:53

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   12:48:48

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ARIZONA$. The target name used was ldap/ARIZONA.AAAAAAABBB.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   12:49:13

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server file$. The target name used was E3514235-4B06-11D1-AB04-00C04FC2DCD2/bbab76ab-b026-4dc4-a529-f5a4fd9fae8b/AAAAAAABBB.local@AAAAAAABBB.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   12:50:33

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ARIZONA$. The target name used was LDAP/ARIZONA. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:52:54

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   12:57:55

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   13:00:32

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server file$. The target name used was cifs/FILE. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   13:00:49

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server file$. The target name used was AAAAAAABBB\FILE$. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   13:01:34

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ARIZONA$. The target name used was MSSQLSvc/ARIZONA.AAAAAAABBB.local:alamode08. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   13:02:57

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x000003EE

            Time Generated: 12/04/2019   13:07:58

            Event String:

            The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   13:11:46

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server file$. The target name used was LDAP/bbab76ab-b026-4dc4-a529-f5a4fd9fae8b._msdcs.AAAAAAABBB.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         An error event occurred.  EventID: 0x40000004

            Time Generated: 12/04/2019   13:11:46

            Event String:

            The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server file$. The target name used was ldap/file.AAAAAAABBB.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (AAAAAAABBB.LOCAL) is different from the client domain (AAAAAAABBB.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

         ......................... ARIZONA failed test SystemLog

      Starting test: VerifyReferences

         ......................... ARIZONA passed test VerifyReferences

   
   
   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation

   
   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation

   
   Running partition tests on : AAAAAAABBB

      Starting test: CheckSDRefDom

         ......................... AAAAAAABBB passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... AAAAAAABBB passed test CrossRefValidation

   
   Running enterprise tests on : AAAAAAABBB.local

      Starting test: LocatorCheck

         ......................... AAAAAAABBB.local passed test LocatorCheck

      Starting test: Intersite

         ......................... AAAAAAABBB.local passed test Intersite

Open in new window

Avatar of footech
footech
Flag of United States of America image

You can see failed replications in the dcdiag output.  You will need to correct that.

What's your topology like?  How many DCs do you have and where are they located (in which site(s))?

Run dcdiag from an elevated command prompt.  You will want to run it on each DC, or use the /e switch so you can see the results from the point of view of each DC.  Also run
dcdiag /v /test:dns
repadmin /showrepl  (/showreps on 2003, if I remember correctly)
Look in Event Viewer for relevant errors.
Hopefully your DC hasn't been tombstoned.  The default tombstone lifetime for 2003 was 60 days.  You can run the following to see what your domain is set to (blank result means 60 days) - change the distinguishedName to match your domain:
Dsquery * “CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=Domain,DC=com” -attr tombstoneLifetime

Open in new window

if the application has admin rights mapped drive letters do not work becuase the user context changed and the mappings do not apply for the admin user context.

a way out could be to create a new mapping in the application itself.

Sara
Avatar of Ima Bum
Ima Bum

ASKER

The Server is not tombstoned.

I can still ping the server by it's friendly name.
I can ping -a and resolve it.
nslookup using both friendly name or IP address works.

I still can't map network drives though using the server's name.

AD has the same errors/issues.

since this is a Win2008 server.
I'm considering, running DCPROMO , demoting the server.
then running DCPROMO again and promoting it.
since the Forest and Domain are still running at Win2003 and the only two servers in the domain are Domain Controllers running Win2008 R2, I'm thinking, I might as well promoto them to Win 2008 R2
You really didn't answer any of my questions besides stating that the DC is not tombstoned.

Describe your topology.
What's the result of the dcdiag commands?
What's the result of the repadmin command?
What errors did you see looking in the event logs?

Attempting to demote a DC while replication is not working will not work.  You would have to force a demotion and then clean up metadata, and that removed DC could never be connected to the domain again.  Also don't change the Forest Functional Level until replication is working.

I would also recommend the use of PortQry (from MS) to test whether specific ports are open between DCs.
Avatar of Ima Bum

ASKER

To be able to see my other server, I was able to get that working by using this article.
https://u-tools.com/help/PlanCleanup.asp
ASKER CERTIFIED SOLUTION
Avatar of Ima Bum
Ima Bum

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial