One of the joys of being in this grand world we call tech, is the fun stuff you get to do. Like starting working at 4:45 in the morning to be on site early enough to deal with network login issues before the work crush begins. Which I got to do. Why? My good friend SYSVOL. God love her; she is a fickle one.
Here is the deal. If the SYSVOL folder isn’t shared, or isn’t shared properly, or if you have gone through several versions of NT Domains/Active Directory and the information gets corrupted as you update to yet another version of AD, then you are screwed until it is fixed. And, since services like Remote Desktop Connector need to access the AD information in order to log you in, you cannot fix it remotely. Which is why I was on the lovely roads of the SF Bay Area at 5:15 in the morning.
A quick side note; I don’t know how we (IT people) got by without Google. If you need to find out about almost anything (including spectacular ways in which not to do something) you can find it thorough Google. In fact, most times when I need to find out some way to fix a MS product, I do a Google search first; not just because I get more different ideas than the MS party line, but often times the Google search will give me more options than the MS support site will.
So, I fired off Google, and here is how I fixed my specific problem. Note: if you have any important or custom scripts and you can get to them, you will want to copy them out of the SYSVOL folder first:
Rebuild the SYSVOL and its contents
http://support.microsoft.com/kb/315457
This fixed the share problem, but then I started getting Userenv errors in the application log because the Group Policy .ini files were not recreated in \SERVERSYSVOLDOMAIN.COMPOLICIES. There are two GUID-named folders that were supposed to be in there. So, I followed this:
Group Policy Error Message When Appropriate Sysvol Contents Are Missing
http://support.microsoft.com/kb/253268
(I recreated the GPO folders)
THEN, I had to go into the Group Policy Editor AND the Domain Controller Security Policy editor and make a change (which I then reversed) in order to create the correct gpt.ini file in each of the two GUID-named folders.
Oh; and when I finished, the server firewall kicked in, blocking file and print sharing. Good times indeed!