Hi - apologies for the crosspost but I realy wasn't sure which group would
be best to ask this question.
Win2k AD, Win2k/XP clients.
I have multiple AD sites, all with 1 dc each.
In my main site I have just added a second DC. The DC passes netdiag and
dcdiag without any errors, replication is also working fine (checked with
replmon and repadmin). The DC is in the correct site in Sites and Services
also, and can authenticate users fine.
However, we use network boot disks to map to a file server share and run
GHOST to clone machines (drive mapping boot disks). Since this second DC
has been installed, booting a client to the network via a network boot disk
is OK (it asks for a username/password) but you get an 'access denied'
message (I'll get the full message and post back if anyone has any ideas).
If you shut the second DC down, all works fine? The only erros on the DC's
event logs are 8006 and 8016 MRxSMB at the time the boot disk machine is
authenticating, but I've always had these before the second DC was brought
online and it has worked for years.
I've had multiple DC's running before, and on this site and this has all
worked no problem. The second DC won't allow these DOS (if that's what they
are) clients to authenticate.
Ran DCPROMO on the second DC demoting it, left it a while whilst replication
took place, then DCPROMO'd it again to a DC and all is well.
Very strange.
"Andrew Story" <andrewDOTstoryATjameswalkerDOTbiz> wrote in message
news:eiikcW2oHHA.4512@TK2MSFTNGP03.phx.gbl...
> Hi - apologies for the crosspost but I realy wasn't sure which group would
> be best to ask this question.
>
> Win2k AD, Win2k/XP clients.
>
> I have multiple AD sites, all with 1 dc each.
>
> In my main site I have just added a second DC. The DC passes netdiag and
> dcdiag without any errors, replication is also working fine (checked with
> replmon and repadmin). The DC is in the correct site in Sites and
> Services also, and can authenticate users fine.
>
> However, we use network boot disks to map to a file server share and run
> GHOST to clone machines (drive mapping boot disks). Since this second DC
> has been installed, booting a client to the network via a network boot
> disk is OK (it asks for a username/password) but you get an 'access
> denied' message (I'll get the full message and post back if anyone has any
> ideas). If you shut the second DC down, all works fine? The only erros on
> the DC's event logs are 8006 and 8016 MRxSMB at the time the boot disk
> machine is authenticating, but I've always had these before the second DC
> was brought online and it has worked for years.
>
> I've had multiple DC's running before, and on this site and this has all
> worked no problem. The second DC won't allow these DOS (if that's what
> they are) clients to authenticate.
>
> Any ideas/suggesstions much appreciated.
>
>
>
Andrew Story wrote:
> Sorted,
>
> Ran DCPROMO on the second DC demoting it, left it a while whilst replication
> took place, then DCPROMO'd it again to a DC and all is well.
>
> Very strange.
>
> "Andrew Story" <andrewDOTstoryATjameswalkerDOTbiz> wrote in message
> news:eiikcW2oHHA.4512@TK2MSFTNGP03.phx.gbl...
>> Hi - apologies for the crosspost but I realy wasn't sure which group would
>> be best to ask this question.
>>
>> Win2k AD, Win2k/XP clients.
>>
>> I have multiple AD sites, all with 1 dc each.
>>
>> In my main site I have just added a second DC. The DC passes netdiag and
>> dcdiag without any errors, replication is also working fine (checked with
>> replmon and repadmin). The DC is in the correct site in Sites and
>> Services also, and can authenticate users fine.
>>
>> However, we use network boot disks to map to a file server share and run
>> GHOST to clone machines (drive mapping boot disks). Since this second DC
>> has been installed, booting a client to the network via a network boot
>> disk is OK (it asks for a username/password) but you get an 'access
>> denied' message (I'll get the full message and post back if anyone has any
>> ideas). If you shut the second DC down, all works fine? The only erros on
>> the DC's event logs are 8006 and 8016 MRxSMB at the time the boot disk
>> machine is authenticating, but I've always had these before the second DC
>> was brought online and it has worked for years.
>>
>> I've had multiple DC's running before, and on this site and this has all
>> worked no problem. The second DC won't allow these DOS (if that's what
>> they are) clients to authenticate.
>>
>> Any ideas/suggesstions much appreciated.
>>
>>
>>
>
>
Booting clients to the network via floppy 
Linear Mode
