Hello,
We've a domain with 2 writable DC in head office and one Read-Only DC in branch office. We've some logon batches which mount the "network drives" to domain user profiles. Everything was working fine for a period. Now a day branch office users can access the network drives but not the share folders inside (the shared folder NTFS permissions are applied by "group" not by user account), but if we apply the permission by user that works fine.
I believe that there are some problems with Active directory replication which generates these type authentication problems, but couldn’t find how to resolve it. Your help will be highly appreciated.
For information:
- RODC is configured as GC
- On writeable DC, no errors
- Writeable DC is connected to RODC server via VPN, all traffic is allowed
***Here is the result of command DCDIAG on RODC server***
Starting test: DFSREvent
Errors or warnings detected in the last 24 hours
after sharing SYSVOL. Problems related to the failure of the
SYSVOL replication can cause problems Strategy
group.
......................... The test DFSREvent
RODC – succeeded
Starting test: SystemLog
A warning event occurred. Event ID:
0x000003F6
Time generated: 08/05/2013 5:05:28 p.m.
Chain of events:
Name resolution 20.3.168.192.in-addr.arpa expired when no
No one answered the configured DNS servers.
......................... The test SystemLog
RODC – succeeded
Starting test: VerifyReferences
......................... The test VerifyReferences
RODC – succeeded
****Here are some logs generated on RODC server***
-------------------------------------------------------------------------------------------
Journal Name: Directory Service
Source: Microsoft-Windows-ActiveDirectory_DomainService
Date: 23/07/2013 6:47:09
Event ID: 1224
Task Category: Internal Processing
Level: Warning
Keywords: Classic
User: ANONYMOUS LOGON
Computer: RODC.domaine.local
description:
An attempt to automatic update by the local domain controller information on one or more computer objects, or objects Server Settings objects failed.
This operation will be retried after the interval.
Interval (minutes):
5
additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
32b0980
XML Event
<event Xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> [^]
<System>
<Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
<EventID Qualifiers="32768"> 1224 </ EventID>
<Version> 0 </ Version>
<level> 3 </ Level>
<task> 9 </ Task>
<Opcode> 0 </ Opcode>
<keywords> 0x8080000000000000 </ Keywords>
<TimeCreated SystemTime="2013-07-23T04:47:09.392120800Z" />
<EventRecordID> 4303 </ EventRecordID>
<Correlation />
<Execution ProcessID="464" ThreadID="644" />
<channel> Directory </ Channel> Service
<Computer> RODC.domaine.local</ Computer>
<security UserID="S-1-5-7" />
</ System>
<EventData>
<Data> 5 </ Data>
<Data> 32b0980 </ Data>
<Data> 1355 </ Data>
<Data> The specified domain does not exist or could not be contacted. </ Data>
<Data>
</ Data>
</ EventData>
</ Event>
-----------------------------------------------------------------------------------------------------------------
Journal Name: DFS Replication
Source: DFSR
Date: 31/07/2013 9:00:13 p.m.
Event ID: 5014
Task Category: None
Level: Warning
Keywords: Classic
User: N / A
Computer: RODC.domaine.local
description:
The DFS Replication service is currently stopping communication with partner CAMBRIDGE replication group Domain System Volume due to an error. The service will attempt to re-establish the connection regularly.
Additional Information:
Error: 9036 (Paused for backup or restore.)
Connection ID: 0EACF62C-C9AE-4618-8A10-F6A3057ACB45
Replication Group ID: BE3F2387-162A-44A2-AF29-A637618C6A3C
XML Event
<event Xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> [^]
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="32768"> 5014 </ EventID>
<level> 3 </ Level>
<task> 0 </ Task>
<keywords> 0x80000000000000 </ Keywords>
<TimeCreated SystemTime="2013-07-31T19:00:13.000000000Z" />
<EventRecordID> 1061 </ EventRecordID>
<channel> DFS Replication </ Channel>
<Computer> RODC.domaine.local </ Computer>
<security />
</ System>
<EventData>
<Data> 0EACF62C-C9AE-4618-8A10-F6A3057ACB45 </ Data>
<Data> CAMBRIDGE </ Data>
<Data> Domain System Volume </ Data>
<Data> 9,036 </ Data>
<Data> Paused for backup or restore. </ Data>
<Data> BE3F2387-162A-44A2-AF29-A637618C6A3C </ Data>
</ EventData>
</ Event>
Thanks in advance for your help!!!