Category Archives: Group Policy

disable SMB2 caused massive DFS issues on 2012 R2 Domain Controller

  1. Users are not able to access shares on server
  2. unable to access netlogon and sysvol share on server
  3. unable to load or edit GPO’s
  4. DFS namespace seems to be broke on the domain controller

GPO2 GPO1 netlogon1
updates1

 

Decided to open a case with MS Support before restoring from backups.

  1. ¬†‘netdom query dc’ ¬†– resulted in error
  2. net share
  3. \\localhost – failed to open shares on server
  4. \\server\sysvol – failed to open with ‘You might not have permissions to use this network resource’ The specified network name is no longer available.
  5. Advanced Settings in Network adapter, Provider Order, Symantec was at top, moved WIndows Network up to top priority
  6. netsh int tcp show global
  7. C:\ programdata, microsoft, crypto, rsa, machinekeys
  8. uninstall Symantec Endpoint Protection Client per MS support, and reboot
  9. fltmc
  10. gpupdate /force failed
  11. DIsabled SMB2 the correct way instead of through the registry, this resolved all issues after rebooting