S
Sau Pat
Hello,
I have a very weird problem. I have a fresh Win2016 server that I installed as a Domain Admin and successfully added it to a domain. The server is hardened and I am able to login and access other shares just fine. I noticed that I was getting an error with GroupPolicy accessing a policy. So I tried to access \\domain.local\sysvol and \\domain.local\netlogon and I got the "Windows cannot access \\domain.local\NETLOGON" error and the same for SYSVOL. I logged onto my Win2012, Win2012R2 and Win2008R2 servers as DA and can access those paths successfully. I can also access them via a Win10 desktop but cannot do so from a Win2016 server.
So, I asked another DA to login and do the same thing, and voila it worked for him. The only difference is that his account was created on a Win2012R2 domain and my DA account was carried on from a Win2003 domain. I compared both the accounts using the Attributes feature in AD, and didn't find anything of substance to this problem. I also read about HardenedPaths, and upon changing those keys to "0", it starts working for me, but I'd rather keep those security settings as is, especially when I know it works for the other DA. So I'm stuck in this very confusing problem and would appreciate any help/advise regarding this.
Thank you,
-S
Continue reading...
I have a very weird problem. I have a fresh Win2016 server that I installed as a Domain Admin and successfully added it to a domain. The server is hardened and I am able to login and access other shares just fine. I noticed that I was getting an error with GroupPolicy accessing a policy. So I tried to access \\domain.local\sysvol and \\domain.local\netlogon and I got the "Windows cannot access \\domain.local\NETLOGON" error and the same for SYSVOL. I logged onto my Win2012, Win2012R2 and Win2008R2 servers as DA and can access those paths successfully. I can also access them via a Win10 desktop but cannot do so from a Win2016 server.
So, I asked another DA to login and do the same thing, and voila it worked for him. The only difference is that his account was created on a Win2012R2 domain and my DA account was carried on from a Win2003 domain. I compared both the accounts using the Attributes feature in AD, and didn't find anything of substance to this problem. I also read about HardenedPaths, and upon changing those keys to "0", it starts working for me, but I'd rather keep those security settings as is, especially when I know it works for the other DA. So I'm stuck in this very confusing problem and would appreciate any help/advise regarding this.
Thank you,
-S
Continue reading...