Cross domain group policy loopback processing issue

Hi everyone.
I would appreciate it if someone could help me resolve the following issue.
My forest contains 2 domains, Dom-A and Dom-B, which have a 2-way trust relationship.
A loopback policy is configured and applied to the Computer OU on DomainA to hide local drives on that computer, deploy wallpaper, etc. The setup worked for a long time but all of a sudden it broke recently.
A Dom-B user logging on with a Dom-B account to a Dom-A computer is not getting the loopback GPO; however, Dom-A users logging on to a Dom-A computer are getting the loopback policy settings.
DC replication is good and the DCDiag DNS test is good. The computers are located in a different site and are highly restricted. When I try to run GPupdate on one of the machines, I get the error below:
The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one or more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
Name resolution and replication are good. I ran the Portqry tool with the default domains and trust option and found that ports 135, 389, 139, 3268 and 53 are listening.
Disabling Anti-virus is not helping us to fix the issue.
If anyone has any idea or suggestion, kindly let me know.
All replies
Hi,
Have you turned on a firewall between the two domains?
If yes, please make sure that the ports that AD DS requires are open on the firewall.
Here is an article about the port requirements of AD DS that may be helpful to you.
Active Directory and Active Directory Domain Services Port Requirements
https://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx
Best Regards,
Jay
-
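One way to run the port check suggested in the reply from the affected Dom-A computer, as an added example that is not part of the original thread. The domain name `dom-b.example` is a placeholder, and the port list is the TCP subset of Microsoft's AD DS port requirements; dynamic RPC ports and UDP are not probed.

```powershell
# Added example, not from the thread. Run on the affected Dom-A computer.
param(
    [string]$UserDomain = 'dom-b.example',  # placeholder DNS name for Dom-B
    [int]$TimeoutMs = 2000
)

# TCP ports a member computer uses toward domain controllers.
$required = @{
    53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'; 389 = 'LDAP'
    445 = 'SMB (SYSVOL, GPO files)'; 464 = 'Kerberos password change'
    636 = 'LDAP over SSL'; 3268 = 'Global catalog'; 3269 = 'Global catalog over SSL'
}
# Ports the question reports as listening in its PortQry run.
$reportedOpen = 135, 389, 139, 3268, 53

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Wait() returns $false on timeout and throws if the connection is refused.
        $task = $client.ConnectAsync($HostName, $Port)
        return ($task.Wait($TimeoutMs) -and $client.Connected)
    } catch {
        return $false
    } finally {
        $client.Dispose()
    }
}

# Find the user domain's DCs through the DC locator SRV records.
$dcs = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$UserDomain" -Type SRV -ErrorAction Stop |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object -ExpandProperty NameTarget -Unique

$results = foreach ($dc in $dcs) {
    foreach ($port in ($required.Keys | Sort-Object)) {
        [pscustomobject]@{
            DC         = $dc
            Port       = $port
            Service    = $required[$port]
            Open       = Test-TcpPort -HostName $dc -Port $port -TimeoutMs $TimeoutMs
            PortQryRun = $reportedOpen -contains $port  # covered by the earlier test?
        }
    }
}

# Closed ports sort first; PortQryRun = False marks ports the earlier run did not cover.
$results | Sort-Object Open, DC, Port | Format-Table -AutoSize
```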