Is there a way to find why the DC is not listening on 445? -> Firewall rules checked , no denies found and the traffic is allowed. -> file share and print share services running. What else to check? Answer It would be very odd for a Domain Controller or, frankly, any Windows Server machine … Read more
Ever since I begun working with Windows Server 2008 I have noticed that the SYSVOL folder C:\Windows\SYSVOL\sysvol is shared and the NTFS permissions for the Authenticated Users group are almost maxed. Although I know that this folder has to be shared (and it is shared by default) I have to protect it somehow from the … Read more
I have a strange issue. We have a 2008R2 PDC and BDC. I can join the domain fine and everything seems “normal”. However, on some of the other 2008R2 servers, I am unable to do things like a gpupdate. When I try, I get an error that the clocks are wrong (they aren’t) and that … Read more
one of my DCs is missing a single GPO object – all others are there and appear to be the correct version. there are no errors related to DFS or FRS in event viewer that i can find. the server in question is 2008, although there are both 2003 and 2008 DCs in this domain. … Read more
I have recently added 2008R2 server in my existing environment. I have 2 existing DC’s before adding this one. But, Netlogon & Sysvol folders not showing in this new DC. Although, DNS & AD replication is working fine. Thanks, Sandesh Answer If you keep having issues with the AD replication try the burflag method. http://www.bostonit.com/KnowledgeBase-Links-Articles/Reinitializing-Forcing-File-Replication-Service-using-Registry-key-BurFlags-D4.html … Read more
I Got the answer that:- In the ADSIEDIT.MSC tool modify the following distinguished name (DN) value and attribute on each of the domain controllers that you want to make non-authoritative: CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=,OU=Domain Controllers,DC= msDFSR-Enabled=FALSE Here is my ADSIEDIT Window, but i am not able to find, CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=,OU=Domain Controllers,DC= Please find … Read more
I’ve run into a strange problem that I suspect may be related to DC replication. We have two DCs, let’s called them domaincontroller1 and domaincontroller2 for the purpose of this question. We’ve put a Powershell file (.ps1 extension) in \\domain.local\sysvol\domain.local\scripts\Logon. This is used as a GPO logon script. On some machines on our domain, the … Read more
I have the following setup: Two Domain Controllers in different sites (both Windows Server 2016) -The sites are permanently connected via a VPN (so the servers can directly reach each other) The Domain Controllers are in different subnets The Domain Controllers are both Global Catalogs The problem I have is with the syncing/replication of SYSVOL … Read more
I have a topology with 2 sites (SiteA and SiteB). Sites are connected thru a VPN (OpenVPN network to network), every traffic is playing well (Ping, SMB, RDP, SSH, Web etc.) All DCs are running Windows 2012 R2. On SiteA, I have 2 DCs running smoothly, named : SRV-AD1 / 192.168.100.1 SRV-AD2 / 192.168.100.2 On … Read more
In my C:\Windows\SYSVOL\domain\Policies I have two foldes I can’t open … gets “Access denied”… If I try to change perssion I get the message, that I do not have permission: From my backup, I can see the two folders are empty. These two “access denied” folders make my DFS Replication fails. How do I get … Read more
