Hey all -
I've completed the complete upgrade to Windows 2003 R2 on all 4 of my domain controllers. =)
I have two in the forest root domain. And i have one in a child domain. And another in a DR site.
When i run dcdiag /e /v from the child domain controller i get the following error from both of the DC's in the parent domain.
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\PHMAINDC1\netlogon
Verified share \\PHMAINDC1\sysvol
[PHMAINDC1] User credentials does not have permission to perform this o
peration.
The account used for this test must have network logon privileges
for this machine's domain.
......................... PHMAINDC1 failed test NetLogons
I've noticed in the past some account permission issues when admin accounts from my parent domain tried accessing resources in the child domain and vice versa.
I ran this test logged in as the Administrator of the child domain -- what permissions need to be in place on the parent domain DC's to allow this child domain admin to run the specified tests ? is this normal ?
I also get errors when dcdiag attempts to access the parent DC's event logs with the classic "access is denied"
I could use a clearing up as to what should be the permission levels for each of the administrative accounts in the parent and child domain.
I've added myself as the enterprise admin and on numerous occasions i would still need to supply child domain admin credentials to access resources in that child domain -- what gives ?
Thanks..
--
HBooGz:\>
