Mackintire
2[H]4U
- Joined
- Jun 28, 2004
- Messages
- 2,984
OK so here's a real weird one.
We have three AD/DCs (2) in the datacenter and (1) locally
A couple of our users cannot:
All of these users have full local Admin rights on their workstations.
I've restarted all the AD/DCs
I've checked and modified local security policy a couple of different ways.
I've checked Kebros authentication logs for errors.
On the static machines I've individually tested each of the DNS servers with no issues.
Here's the weird part:
Take those same machines...and move them into our static IP range 10.10.1.2-254 and boom ( things start working) .
WTH!!!!
Example of our network
10.10.1.1 /24 256 addresses Static Win 2003 R2
10.10.2.1 /23 512 addresses DHCP via ASA 5505 at a remote site
10.10.4.4 /23 512 addresses DHCP Win 2003 R2 with some of the addresses excluded at the datacenter and the other addresses excluded from distribution locally: This is so that when we have an outage machines don't go nuts from the loss of contact to the DHCP at the datacenter.
10.10.8.1 /22 1024 addresses DHCP Win 2003 R2 Not in use currently.
We have three AD/DCs (2) in the datacenter and (1) locally
A couple of our users cannot:
- Install a program that authenticates against AD
- Create Mapped drives on their workstations
All of these users have full local Admin rights on their workstations.
I've restarted all the AD/DCs
I've checked and modified local security policy a couple of different ways.
I've checked Kebros authentication logs for errors.
On the static machines I've individually tested each of the DNS servers with no issues.
Here's the weird part:
Take those same machines...and move them into our static IP range 10.10.1.2-254 and boom ( things start working) .
WTH!!!!
Example of our network
10.10.1.1 /24 256 addresses Static Win 2003 R2
10.10.2.1 /23 512 addresses DHCP via ASA 5505 at a remote site
10.10.4.4 /23 512 addresses DHCP Win 2003 R2 with some of the addresses excluded at the datacenter and the other addresses excluded from distribution locally: This is so that when we have an outage machines don't go nuts from the loss of contact to the DHCP at the datacenter.
10.10.8.1 /22 1024 addresses DHCP Win 2003 R2 Not in use currently.