I have a very small domain that consists of one Win2k Domain Controller (W2KDC) and one Windows 2003 member server (2K3SRV). The W2k3 server is not reading group policy correctly, because it can't access the SYSVOL folder in Active Directory properly.
Here is what I know:
1. Active Directory Users & Computers snap-in works just fine from both machines. Domain Group Policy snap-in only works from the DC; if I try to load the default domain policy on the web server (via mmc), I get "Failed to open...You may not have appropriate rights...The network path was not found"
2. If I try to access the SYSVOL via UNC (Start > Run > \\domain.net\sysvol), I get "\\domain.net\SYSVOL is not accessible. You may not have permission to use this network resource...The network path was not found."
-HOWEVER-
3. If I access SYSVOL via the DC's computer name & the UNC (Start > Run > \\W2KDC\SYSVOL), I can browse the subfolders & read everything okay.
4. I have triple-checked & verified the permissions to the sysvol share; everything is fine there.
5. netdiag.exe and dcdiag.exe both check out fine. DNS is okay, etc. Gpotool.exe even runs fine from the w2k3 box; it finds the DC and okays the policies with no errors.
6. If I join a Windows XP or 2000 pro machine to the domain, I can access sysvol via the Active Directory UNC (Start > Run > \\domain.net\sysvol) just fine. I joined a second win2k3 machine, and get the same access error.
Apparently, this is a problem with Windows 2003 accessing the Windows 2000 Active Directory SYSVOL share. On a related note, I have another, separate, Win2k domain with a w2k3 member server, and am not experiencing this problem.
HELP! (Please)
Here is what I know:
1. Active Directory Users & Computers snap-in works just fine from both machines. Domain Group Policy snap-in only works from the DC; if I try to load the default domain policy on the web server (via mmc), I get "Failed to open...You may not have appropriate rights...The network path was not found"
2. If I try to access the SYSVOL via UNC (Start > Run > \\domain.net\sysvol), I get "\\domain.net\SYSVOL is not accessible. You may not have permission to use this network resource...The network path was not found."
-HOWEVER-
3. If I access SYSVOL via the DC's computer name & the UNC (Start > Run > \\W2KDC\SYSVOL), I can browse the subfolders & read everything okay.
4. I have triple-checked & verified the permissions to the sysvol share; everything is fine there.
5. netdiag.exe and dcdiag.exe both check out fine. DNS is okay, etc. Gpotool.exe even runs fine from the w2k3 box; it finds the DC and okays the policies with no errors.
6. If I join a Windows XP or 2000 pro machine to the domain, I can access sysvol via the Active Directory UNC (Start > Run > \\domain.net\sysvol) just fine. I joined a second win2k3 machine, and get the same access error.
Apparently, this is a problem with Windows 2003 accessing the Windows 2000 Active Directory SYSVOL share. On a related note, I have another, separate, Win2k domain with a w2k3 member server, and am not experiencing this problem.
HELP! (Please)
