May look strange but are you running McAfee 8.0i??
Got someone that had something similar and the TDI driver of VS8 was the culprit... > -----Message d'origine----- > De : [EMAIL PROTECTED] [mailto:ActiveDir- > [EMAIL PROTECTED] De la part de vex > Envoyé : Friday, July 29, 2005 4:15 PM > À : ActiveDir@mail.activedir.org > Objet : [ActiveDir] Urgh... troubleshooting.... > > Greetings, > I've been a lurker here for quite some time and have had a relatively > quiet AD > until recently. > > We have a small network with 2K servers and a mix of 2K and XP2 > workstations. > Until recently, everything was find. > > Then Something Happened. > > I'm not sure what started the ball rolling, but it's certainly rolling > now. > > I have one server that is listed in the AD and DNS as a DC, but it won't > replicate AD either direction. I've spent a couple of hours doing some web > surfing and initial troubleshooting, but I've had less than stellar > success. (at > one point in time it was working fine, since I have a lot of older AD > information on the problem server) > > I've run DnsLint and all the DNS entries look good. > > When I do a 'net view \\servername' from the DC that does not have up to > date AD > information, I get a message back, "access denied", and a corresponding > entry in > the security log about a failure audit of the server I'm attempting to > view. But > when I do the same thing and use an IP address instead of a server name, > the net > view information displays. > > Another symptom is printer connections and drive mapping. If I'm at the > server > with the out of date AD information, I'm getting an 'access denied' > message when > attempting to connect to a network printer or map a network drive. > > All of the steps outlined above work fine when initiated from any of the > other > servers. It's almost like the server with the out of date AD information > is > allowing access, but the rest of the servers in the organization won't let > *that* particular server have access to any domain related "stuff", such > as > printers and network shares. > > I can't even run dcpromo and remove AD from the affected server because it > asks > for some sort of authorization from other DC's located in the > organization, but > the other DC's won't allow it to access information. I'm assuming it's > trying to > tell the other DC's to remove any pertinent entries from the AD in regards > to > the server that's attempting to have it's AD removed.... > > Does anyone have any links to places I can continue to search for > troubleshooting information? > > > > --Brett > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/