Stillb0rn

I've done that and 1 hop is its destination.. i'd love to try a trace while GP is trying to install the updates. After any user logs in i can access the share via rpc just fine.

You get around that by having multiple Office 2003 AIPs (one for each site) and creating a seperate Office 2003 GPO for each site (assuming that the computers/users for each site are in their own containers as they should be ). Unfortunately there are other things holding me back from using dfs such as the proprietary applications which require certain files with identical names having different content. Its a mess I know.. the best solution for my scenario would be a working DNS pointer.

I'm pointing my clients to \\softdist\apps where as softdist will be resolved with a different IP for each site. Host records were created in the forward lookup zone on each GC's DNS server as softdist with the GC's IP address. Problem being each GC's share has slight modifications pertaining to office2003 region specific nonsense, along with some proprietary stuff.. Otherwise dfs would be ideal. I've switched from using cnames to a host record and its the same problem. If you have any more insight into DFS, maybe to exclude certain directories that would be perfect. I've never actually used dfs myself other than the standard netlogon and sysvol shares.

Hello everyone, I seem to be having group policy issues relating to DNS *possibly*... here's the scenario.. I have multiple locations each with its own GC running windows server 2003 standard, each GC is also a DNS, WINS, DHCP server. I am trying to set up a group policy for software deployment that uses a DNS alias to point to the local server's IP or fqdn (cname and A records produce same result). For example I want //softdist/apps to be the universal distribution point for software since all servers in multiple locations have identical shares. I have run into several errors along the way to get this working. The first error i came across was "Access denied" when trying to map to the share. I researched this error and found the solution was to add a registry entry on every server to disable strict name checking.. which I have done. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters] "DisableStrictNameChecking"=dword:00000001 The second error was the inability to map to //softdist/* from the server itself, which I found the solution for. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "DisableLoopbackCheck"=dword:00000001 OK. So I now have what should be a working universal DNS software distribution point that GPMC will like. But unfortunately that is not the case. On all local machines on which I have the policy assigned to they cannot access the share. The event log fills up as follows.. Event ID 1085 The Group Policy client-side extension Software Installation failed to execute. Please look for any errors reported earlier by that extension. Event ID 108 Failed to apply changes to software installation settings. Software changes could not be applied. A previous log entry with details should exist. The error was : %1612 Event ID 102 The install of application Chinese Traditional Fonts Support For Adobe Reader 8 from policy CIFC Adobe Reader failed. The error was : %1612 Now.. This could mean that there is a permission issue or the share is unavailable. To rule out permission I changed the software distribution location to \\servername\apps\whatever and the machines no longer error out. And to rule out share being unavailable I tested mapping to \\softdist\* after user login and this works. Question.. What am i missing?