New Domain / Target Computer Offline
Jay Bosworth Bosworth
My domain controller recently crashed and I had to rebuild it. Now that it is rebuilt I am not able to get anything to deploy with PDQ Deploy. I have tested my credentials and they check out, I even removed all credential settings and re-entered them and I still get "Target Computer Offline" Even with a computer that is sitting right next to me online.
Thanks,
0
Comments
Are you using Inventory as well? Is this just manually entering a hostname and trying to deploy to it?
Is windows firewall turned on on the machine in question? Did the IP address or name of the domain controller change? Did any Group Policies change or not get created again?
Wow okay, here goes:
Using it as inventory - no
It is pulling the host names from AD.
Windows Firewall is turned on and always has been even when PDQ deploy worked.
When I rebuilt the server on new hardware I gave it the same IP address and name.
All Group Policies had to be rebuilt from scratch because like I said my DC crashed. There are probably some I missed having no historic data to reference.
Try the following:
From the PDQ deploy server try pinging a machine you are having issues with by hostname, and then by IP address. Did they both return success? If not, look into it. I suspect this isn't the issue, but is a good first thing to try quickly.
Secondly can you browse here: \\<target>\c$ or \\<target>\admin$ or lastly \\<target>\ipc$?
Did those show up and let you browse to them? If not, I suspect a firewall issue is happening somehow. You can simply control that with group policy so it is the same everywhere.
Let me know if any of that doesn't work.
Looks like none of those work. It is weird though, I don't remember ever having to set a group policy for PDQ Deploy to work in the past. It has been several years though, so who knows...
Next Step: Disable the firewall on the deploy server and Target machine and test again. I bet an enterprise license they do.
Yes, seems to be working. I had already added PDQ Deploy service, program, and command line to the allowed list in the firewall on the server. What needs to be set for my clients?
Thanks,
Group Policy:
Computer Config> Policies> Admin Template> Network > Windows Firewall > Domain Profile
1. Allow Inbound File and Printer sharing Exceptions
2. Allow ICMP Exceptions
Set both to Enabled. We set ours up to only allow from our local subnet's range, but you can be as granular or as lax as you want. I would shoot for localsubnet though. Unless you have multiple VLANs or something like we do. My list is pretty ugly haha.
You know, now that you point the specific settings out it sounds more familiar and I am sure I probably had that set in my GPO before. Thank you so much for the help. I appreciate it.
You're welcome. While you are at it.....go ahead and backup that DC so you don't have to rebuild from scratch next time. And test your other backups while you are at it ;)