Tom, Can you enable netlogon debug logging on both the W2k3SP1 machine and the GC logging the errors. I would recommend setting a dbflag entry of 0x2080ffff. On the W2k3SP1 machine after setting the flag can you restart the netlogon service so I can see the startup parameters on the GC a restart of the service should not be necessary? The following article describes enabling netlogon debug logging: http://support.microsoft.com/default.aspx?scid=kb;en-us;109626
If you can send me the netlogon.log from each machine I will take a look at them. To answer your other questions Term services manager normally uses the browser service to populate it list so verify that the browser service is running on the machine. As far as why object picker does not see the computer account did you go in and enable computer objects to be returned by the object picker as normally by default it will not return computer objects. Finally do you have any firewalls in place between where the new W2k3SP1 member server is and your DCs? Thanks, -Steve -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Monday, July 11, 2005 9:09 PM To: ActiveDir (E-mail) Subject: [ActiveDir] Win2k3 server issue Ok, i'm going thru this one more time because its driving me nuts- i win2k3 sp1 server was made a domain member by an admin. I then was called to install exchange 2k3 on it.. i term serviced to the server and ran domainprep(forestprep was run ages ago) and i got a "exchange2k3 is not compatibile with this software" error, which i googled and was told was benign as long as i installed sp1 for exchange after install. ok, i ran setup and i got an error that the win2k3 server was not a member of the exchange domain servers group and i would have to manually add it. That was weird because i could've sworn setup does it for you. so, i navaigate to the group via aduc and when i try to add the server, the object picker can't find it. you can see it in aduc in the computers container but the picker can't find it. also, the servr does not show up in Term Services manager the server also registered its a and ptr records in dns and is pointing to the correct dns servers. on my gc, i get this error- Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 5790 Date: 7/11/2005 Time: 1:29:02 PM User: N/A Computer: SUALB-USR1 Description: No suitable Domain Controller is available for domain SUALB-EXCH2. An NT4 or older domain controller is available but it cannot be used for authentication purposes in the Windows 2000 or newer domain that this computer is a member of. The following error occurred: Access is denied. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 22 00 00 c0 "..À Now whats really weird about this is that SUALB-EXCH2 is NOT a domain but the name of the member server in question(no, its not running exchange yet). and now,when i term service to it, i can't logon. "Domain cannot be found". also i get "access denied" when trying to connect via comp management ot event viewer. though i can browse to the admin$ share. any help would be great. sorry to belabor the point but this is making me batty!! List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
