General discussion

Locked

AD gone Crazy

By damonk ·
I need help. All of my dc's in my AD cannot access the RPCLocator service. When I try to promote or demote I get the error message access is denied for RPCLocator service.

I can join client to the domain, however cannot join servers.

My dc's are not picking up the default domain controller policy for the DCOU, but it's picking up the default domain policy.

Data is replicating between all server however. The AD replication monitor is showing successful replications.

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Try this on your Domain Controller

by MDDM In reply to AD gone Crazy

Grant the Enterprise Admins group the user right "Access this computer from the network", and then refresh the security policy. Follow these steps:


In Active Directory Users and Computers, click the Domain Controllers object.
Right-click the domain controller name, and then click Properties.
In the domain controller's Properties dialog box, click the Group Policy tab.
Click Default Domain Controllers Policy, and then click Edit.
Navigate to Computer Configuration\Windows Settings\Security Settings\Local Policy\User Rights Assignment, and then double-click Access this computer from the network.
Add the Enterprise Admins group to the list of groups to be granted this user right.
To refresh the security policy, type the following at a command prompt and then press ENTER:

SECEDIT.EXE /refreshpolicy MACHINE_POLICY /ENFORCE

Back to IT Employment Forum
2 total posts (Page 1 of 1)  

Related Forums