Join Log in
Score:1
avatar Server

GP and RDP not working after Domain Rename

gr flag
j748921

I recently carried out a domain rename on our domain controller. We switched from a .local to our domain name as we are planning to implement 365 very soon. Mostly everything went well with the switchover. I followed instructions to use rendom/netdom/gpfixup. What didn't work was gpfixup. When I ran these commands, they completed without errors and outputted "successful", however, it did not make any changed to the domain name/computername within GP. I ended up selecting the option to "Remove domain from this console", then I did a disk cleanup and re-setup GP under the new domain name. With this setup it had all the new updated information. I cannot execute a gpupdate.I get the following error.

The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: 
a) Name Resolution failure on the current domain controller. 
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

I have verified DNS and it looks to be resolving fine, especially because the DNS server is on the same machine I am trying to update GP on, the DC. Please let me know if you have any suggestions. Thank you in advance.

The following are additional events that show up in case it helps resolve the issue.

The Security System could not establish a secured connection with the server cifs/netbios/netbios@netbios. No authentication protocol was available.

The RD Session Host server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: No mapping between account names and security IDs was done.

Dynamic registration or deregistration of one or more DNS records failed with the following error: 
No DNS servers configured for local system.

Name resolution for the name _ldap._tcp.dc._msdcs.domain.name. timed out after none of the configured DNS servers responded.

The WinRM service failed to create the following SPNs: WSMAN/computername.domain.name; WSMAN/computername. 

 Additional Data 
 The error received was 1355: %%1355.

 User Action 
 The SPNs can be created by an administrator using setspn.exe utility.

Volume Shadow Copy Service error: Unexpected error calling routine RegOpenKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...).  hr = 0x80070005, Access is denied.
. 

Operation:
   Initializing Writer

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3d2d9bff-819e-4ab8-a78c-eff1aa57e779}
101
1 + 1
joeqwerty avatar
cv flag
joeqwerty
**We switched from a .local to our domain name as we are planning to implement 365 very soon** - Why exactly did you think this rename was needed as it relates to Office 365?
2
Reply
Score:0
Jesus Huesca avatar Server
cn flag
Jesus Huesca

Are all the issues you mentioning only appearing on the same TERMSRV computer? They looks like a permissions related issue.

Have you checked if you can login into the domain from that computer? Can you access to any shared resource from that computer?

It these test are unsuccessful rejoin the computer to the domain and try again.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.