Hi all,
Recently I found on our domain that I couldn't connect to \\contoso, but could connect to \\dc-contoso-1 and \\dc-contoso-2
Basic tests on DC were OK, and finally found that somehow, someone joined a computer to the domain with the same domain name, that is, computer account CONTOSO$ was created on domain CONTOSO.
If that matters, one of our DC is server 2008R2 and other one is 2003.
What also amazed me is that after digging in event viewer, found the computer CONTOSO joined domain on october 2014, that's 5 months ago!
So, basically, my 2 questions are:
1) How can I prevent this to happen again? Somehow I thought A.D. wouldn't let join a computer with same name as the domain it joins.
2) What things may have been broken while this computer name is listed in domain? I'm still amazed that users could log in, and that GPOs (apparently) worked fine, so, what should I expect to see working again now? Lately I had problems with shared printers on print servers, and seen strange event id 4 with KRB_AP_ERR_MODIFIED errors that may be related to it, but not sure at all if that may be related or not with this.
Thanks in advance