Issues on a new domain.

[KilluminatiStyle]

I've been fighting this problem for, well, technically about a week now and it's just driving me nuts.


Here's the deal -

We recently had a tech quit and I was given half his workload. He was in charge of 3 small domains around the area, all of which were severely FUBAR. 2 of them were so bad with replication issues or just general Active Directory "yuck" that the easiest and quickest solution was just to rebuild the domains. I got the privilege of dealing with one of these networks and things aren't going well.

The network is pretty simple. 2 DC's and 7 workstations. Now originally the issue here was that the 2 DC's would not replicate and active directory was only semi functional, allowing us to add users but any attempt to remove computers or users resulted in some headache. One of the DC's also had a failing RAID. Like I said, the decision was made to rebuild the domain from scratch and that's what I did this weekend.

**NOTE**

We are leaving the server with the RAID issues out of the network until we square it away.

After backing up the partitions on the server that I was going to rebuild I wiped the drives and reinstalled Windows Server 2003 R2. I downloaded and install all available updates from Microsoft and brought the server back to the business that owned it. When I was there I went through the MANAGE YOUR SERVER utility to create the domain and add all of the additional ROLES.

**NOTE**

This is a completely new domain, new name, fresh active directory, etc.


The first problem I was having had to do with assigning a static IP to the DC's NIC. I did this before I even created the domain and thought nothing of it. Throughout the rest of the role creation, DNS, DHCP, WINS, et., I had really no issues to speak of. When I was finished adding all of the necessary roles I ran DCDIAG and noticed a few red flags. I popped into the event viewer and saw lots of problems with DNS and IP issues.

I went back into the NIC configuration and popped back into the TCPIP settings and found that it was set back to "Obtain Automatically" for both IP and DNS. However, if I clicked on DETAILS it would show the information that I had assigned it earlier. Never the less, I toggled the radio buttons back and went reconfigured everything by hand and saved the settings. I opened the TCPIP settings again to check and it was right back to "Obtain Automatically" for both IP and DNS again.

I didn't know what to think. After doing some google searching I eventually found a few forums that recommended running through the steps outlined in THIS KB ARTICLE. So I did that and the issue was resolved. I did however end up with a side effect... server lost it's Primary DNS Suffix. I fixed that up and everything looked O.K.

I started bringing the workstations back onto the new domain and I quickly realized that I had forgotten to make the logon scripts and home folders available to the users in active directory. So I added the home folders and whipped up a script. I went to pop the script into the "C:\windows\sysvol\sysvol\swm.local\scripts" and found that the directory wasn't even there. All I had was "C:\windows\sysvol". I'll admit to being fairly new to domain creation/management but I don't ever recall having to create these directories and shares by hand before. I thought this got done during the creation of AD. Regardless I went through and made the directories and shared the proper ones out as SYSVOL and NETLOGON and added my script.

I tried to login on a workstation to see if the script work and it didn't. If I browsed through the directory and tried to double click on the script I was given an error that said something like Windows can not find the file or path, check your permissions. Permissions.... everything is set to read only for EVERYONE and I know I'm authenticating because I can browse through all directories and view and edit all kinds of stuff. It was at this point that I called it quits for the evening last night.

Is it possible that my issues with the TCPIP crap earlier are to blame for all of this? Why would the SYSVOL and NETLOGON shares not be created during the Active Directory creation? Should I just start over again with a new domain since I don't have a heap of time invested in this one yet and NO users have actually done any work on the new domain yet?

[glc]

In a nutshell, I think I'd probably start over, but do everything onsite connected to their network. This will eliminate some variables.

[KilluminatiStyle]

That's the only thing that I could think of as well, that having the server off-site initially may have had something to do with it. I think that's probably what I'll do. Thanks for the response.