Announcement

Collapse
No announcement yet.

\\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

    Hi,

    I'm having some issues with GPO in a new domain.

    So far there are 3 Domain Controllers on 3 geographic sites (linked together via VPN).

    server1.domain.local (Master)
    server2.domain.local
    server3.domain.local

    I've created Some OU based on this model.

    Domain (OU) \ Site1 (OU) \ Administration (OU)

    SYSVOL replication through the DC work fine. The problem is as follow:

    I get evend ID 1030 and 1058 saying that GPO couldnt be applied (or something like this). Anyway, i've tested with the user the access to \\domain.local\SYSVOL and it says that it's not accessible. I tried \\server3\SYSVOL\ and the user browse it no problems.Then, i decided to ping domain.local which resolves fine. I logoff from the user, connected with a Domain Admin on the same computer, and SYSVOL is accessible.

    I'm guessing this has something to do with rights etc. Though, i never changed anything to the SYSVOL share and sub-directories. IM kindda clueless about what's going on, so, if anyone could tell me what is going on, it would be greatly appreciated.

    Best regard,

    trep
    Last edited by trep; 25th March 2008, 14:22.

  • #2
    Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

    Check out this KB Article. It sounds like it might help with your problem.

    http://support.microsoft.com/kb/839499
    Andrew

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    Comment


    • #3
      Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

      Also you can follow the article http://support.microsoft.com/kb/842804 . Check out the Cause section and confirm all of them.

      MurTuzA
      The Never Ending Loop of User Rights
      START
      Q. Why is Windows so insecure?
      A. Because everyone runs as Administrator.
      Q. Why does everyone run as Administrator (even when they know better)?
      A. Because they don't understand security and are afraid they will be prevented from doing things.
      Q. Why don't they understand security?
      A. Because they run as Administrator, bypassing all security.
      LOOP TO START

      Comment


      • #4
        Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

        I agree with ahinson............But post by MurTuzA is not relevent.

        Regards,
        Kapil Sharma
        ~~~~~~~~~~~~~
        Life is too short, Enjoy It.

        Comment


        • #5
          Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

          Originally posted by kapilsharma11 View Post
          I agree with ahinson............But post by MurTuzA is not relevent.

          Regards,
          All I had suggested was checking the NTFS permissions on the Sysvol share on all DC's to confirm that they are correct. The KB article mentioned by ahinson is definitely a step in the right direction but I doubt if the user has made any SMB related changes in the envrionment.

          MurTuzA
          The Never Ending Loop of User Rights
          START
          Q. Why is Windows so insecure?
          A. Because everyone runs as Administrator.
          Q. Why does everyone run as Administrator (even when they know better)?
          A. Because they don't understand security and are afraid they will be prevented from doing things.
          Q. Why don't they understand security?
          A. Because they run as Administrator, bypassing all security.
          LOOP TO START

          Comment


          • #6
            Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

            Hi,

            Thanks for your answers. I'm currently looking at this KB:

            http://support.microsoft.com/kb/887303/en-us

            I'll take a look at the others KBs posted here.


            What i think might be causing problems is that the servers aren't all on the same geographical site. Just a quick explanation of the architecture. Right now, there are 4 sites. 10.0.1.* - 10.0.2.* - 10.0.3.* - 10.0.4.*

            10.0.2.* is the VPN nod. That means everything routing to 10.0.1.* etc. is going through 10.0.2.*.

            10.0.1.* holds the shema master. So, when the DC on 10.0.1.* wants to replicate with 10.0.4.* it goes through 10.0.2.*

            The problem is quite simple, the traffic isn't allowed between 10.0.3.* and 10.0.4.*, thus, making impossible for the DC on both site to replicate between themselves.

            trep

            Comment


            • #7
              Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

              I guess it would be a good idea to have all your FSMO roles in a location that everyone can reach indeed..
              VCP on vSphere (4), MCITP:EA/DBA, MCTS:Blahblah

              Comment


              • #8
                Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

                Maybe i wasn't clear, but everyone can reach the fsmo holder...

                Comment


                • #9
                  Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

                  I figured i'd post the window popping when i try to access \\domain.local\sysvol from a DC:



                  trep

                  Comment


                  • #10
                    Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

                    Google seems to show a few things for this. A lot seem to imply DNS errors and maybe the bindings being in the wrong order?

                    http://www.techsupportforum.com/netw...s-problem.html

                    http://bink.nu/forums/p/5921/6682.aspx

                    http://forums.whirlpool.net.au/forum...fm/394114.html

                    http://forums.whirlpool.net.au/forum...fm/394114.html
                    cheers
                    Andy

                    Please read this before you post:


                    Quis custodiet ipsos custodes?

                    Comment


                    • #11
                      Re: \\domain.local\sysvol\ not accessible - \\server\sysvol\ is fine

                      Thanks for the reply.

                      Due to the actual topology, there are 2 DCs who cannot communicate with each others, which results in an "unreachable" status from the DFS test. I'm guessing this is the problem. Anyway, topology should change soon and that should resolve the issue.

                      trep

                      Comment

                      Working...
                      X