One morning, I cannot log on to the domain. All clients cannot logon. Netlogon is not working so I cannot use mapped drives. I cannot run tool like DCdiag. Event viewer - Event ID 13516 - FRS (File replication service) is no longer preventing the computer... from becoming a domain controller. I specify the ports, but client still cannot logon. Event viewer does not show any problem.

Any ideas...

:confused:

I had a similar problem when I installed a win2k DC, none of my earlier NT boxes could see the new DC.
I found it was fixed by turning off SMB, why I don't really know but it worked.

What OS are the clients that you are trying to connect?
Can you see the clients from the 2k3 box ?
Has the 2k3 box or clients been recently updated ?
Any changes on the 2k3 box ?
Can you ping the 2k3 box from the clients or vice versa ?
Is the domain running in mixed or native mode ?


Hope this gives you a few more things to think of.

Let us know how it goes and I'll have a look and see what can be found.

What OS are the clients that you are trying to connect?
Win XP

Can you see the clients from the 2k3 box ?
2k3 box can see the clients

Has the 2k3 box or clients been recently updated ?
not updated

Any changes on the 2k3 box ?
I believe windows firewall was enable, but disabled right afterward.
Can you ping the 2k3 box from the clients or vice versa ?
ping work in both direction.

Is the domain running in mixed or native mode ?
domain running mixed mode

The only changes I could think of was the enable then disable of window firewall from the NIC. When Checking the NIC, wirewall is disable.

Thanks,
Ben

Have you made any changes to group policy or local security settings on the server recently?

StuMegu,
No changes has been made, except for the enabled/disabled firewall stated above.

Thanks.

Have you tried re-enabling the firewall and allowing everything, basically making it transparent ?

Ben,
I have also done that as well.

I am planning to backup AD and re-install it this weekend.