+ Post New Thread
Results 1 to 8 of 8
Windows Server 2000/2003 Thread, Map Drive Problems / GPO not accessible in Technical; Last week as part of a server re-role we ran dcpromo on one of 2 backup domain controllers (server 2003) ...
  1. #1

    Join Date
    May 2008
    Location
    Norfolk
    Posts
    111
    Thank Post
    16
    Thanked 2 Times in 1 Post
    Rep Power
    13

    Map Drive Problems / GPO not accessible

    Last week as part of a server re-role we ran dcpromo on one of 2 backup domain controllers (server 2003) to revert the server back to a member server. Before we started as advised we removed any server roles which might have caused us problems such as DNS and the process seemed to complete with no errors shown. Additionally we also removed the way we use to provide map drives to staff and students which use to be via a logon script and is now done by a new server running 2008 R2 and the map drives option in two GPO's one for staff and the other for students.

    Today we have experienced a handful of cases both for staff and students whereby the users are unable to access the mapped drives such as staff and/or student shared areas. This seemed rather strange in that the majority of staff or students are not affected, yet!!!. My work around has been to provide a desktop shortcut as a temporary basis which the affected users can access without problems. Having looked at the event logs on the machines affected the common denominater seems to be a problem with the GPO not being applied and an error event log of 1058 with Userenv, the text then refers to windows not being able to access the file gpt.ini for the GPO as it cannot access the sysvol folder for this GPO.

    Now this is where some help would be much appreciated as since we have a DC and now 2 back up DC's, one being the new server I'm confused why the GPO is not accessible on at least one of these servers who are not showing any replication errors. How can I tell if the servers are replicating correctly and how do you tell on the client machine which server (sysvol folder) it is accessing to apply the GPO's ?

    Any advice would be welcome as I expect this is likely to get worse over the next few days.

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328
    When you demoted the server to a member server, did you update the list of DNS servers in DHCP Server?

    You can check servers are replicating in Active Directory Sites and Services from any DC. You can also force a manual replication too. Usually DNS is the root of all problems to do with DC replication failure.

  3. Thanks to Michael from:

    mickeyh080 (11th June 2012)

  4. #3

    Join Date
    May 2008
    Location
    Norfolk
    Posts
    111
    Thank Post
    16
    Thanked 2 Times in 1 Post
    Rep Power
    13
    Quote Originally Posted by Michael View Post
    When you demoted the server to a member server, did you update the list of DNS servers in DHCP Server? Yes I was following a useful guide and remembered to remove it from the DNS servers list.

    You can check servers are replicating in Active Directory Sites and Services from any DC. You can also force a manual replication too. Usually DNS is the root of all problems to do with DC replication failure.
    Active Directory Sites and Services still lists the old server (srv-003) but there is no NTDS settings beside it unlike the other 3 servers. Having checked the server event logs on the DC's there are no recent entries, it seems the only pointers are coming from the client machine event logs.

  5. #4

    Join Date
    May 2008
    Location
    Norfolk
    Posts
    111
    Thank Post
    16
    Thanked 2 Times in 1 Post
    Rep Power
    13
    Today the problem seems even more strange. On random client machines the shared areas are sometimes accessible and then either disappear from the My Computer window or show as not accessible. The client event log is not showing any errors at all now where as yesterdau we were getting the userenv entry. To assist staff accessing the shared area we dropped a shortcut on their desktop direct to the server i.e \\srv-008\shared\staff and for one member of staff when the problem occured she was even not able to access the shared area using this shortcut.

    Having checked the DNS servers they seem correct (no errors) and the DHCP server is only showing the two DNS servers in its server config.

    With no event log errors showing on the servers or client machines this is starting to become a guessing game, any thoughts would be welcome.

  6. #5

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328
    On your server expand Forward Lookup Zones, right click and select Properties

    On the nameservers tab are the servers listed correctly? Remove any servers that shouldn't be there, then repeat the process for Reverse Lookup Zones.

  7. #6

    Join Date
    May 2008
    Location
    Norfolk
    Posts
    111
    Thank Post
    16
    Thanked 2 Times in 1 Post
    Rep Power
    13
    Thanks Michael, I checked the forward Lookup zones but forgot to remove the entries from the reverse. Have amended accordingly and will wait and see if we get any more irate staff phone calls !!!

  8. #7

    Join Date
    May 2008
    Location
    Norfolk
    Posts
    111
    Thank Post
    16
    Thanked 2 Times in 1 Post
    Rep Power
    13
    Well the problem has improved in that the majority of the time the mapped drives appear for both staff and students and the users are able to access the dfs shares, but randomly it seems the user logon script (stafflogon.bat) which maps the drives and is located at the dfs share \\\domainname\netlogon fails to run for the xp users and hence the mapped drives do not show. The error log shows an entry for the failure with unable to run the logon script as the path to \\domainname\netlogon\stafflogon.bat is not available. If I then on the same desktop using the staff logon navigate to the same share it runs fine as it does for the majority of the time.

    Whats strange is that this seems to be randomly occurring throughout the school and occasionally even if drives do appear in the my computer window that sometimes the user is denied access to the share.

  9. #8

    Join Date
    Jun 2012
    Location
    Scotland
    Posts
    8
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Sounds like your dc demotion didnt go through properly - you need to do a Metadata cleanup to remove the old server properly from Active Directory. If you dont remove it cleanly you will have gpo niggles until you do. How to remove data in Active Directory after an unsuccessful domain controller demotion - is the MS article on this - make sure you have good backups and a local systemstate backups of all your DC's before doing this stuff.

    It's also worth checking secure channel for all your domain controller servers as well - do this from each DC server - log on as a domain adminstrator and from the run command try to access the c$ share on every other domcina controller e.g.

    Log onto server 1
    start - run - \\server2\c$
    start - run - \\server3\c$
    start - run - \\server4\c$

    Log onto server 2
    start - run - \\server1\c$
    start - run - \\server3\c$
    start - run - \\server4\c$

    etc

    If you get prompted for username and password at any point the secure channel is broken between the servers and needs to be sorted BEFORE you try to fix the failed dcpromo.

SHARE:
+ Post New Thread

Similar Threads

  1. Annoying mapped drive problem
    By ChrisH in forum Windows
    Replies: 19
    Last Post: 11th March 2011, 09:35 AM
  2. Problem with mapped drive access
    By dezt in forum Windows Server 2000/2003
    Replies: 3
    Last Post: 26th January 2010, 03:11 PM
  3. Multiple mapped drive problem
    By mullet_man in forum Scripts
    Replies: 7
    Last Post: 10th September 2008, 08:54 PM
  4. Odd mapped drive problem...
    By Ben_Stanton in forum Windows
    Replies: 2
    Last Post: 11th July 2008, 09:31 AM
  5. Replies: 7
    Last Post: 27th November 2006, 11:26 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •