On Server 2008 R2 Enterprise, I keep getting event id 1110 errors from Group Policy, indicating Windows cannot tell if the user and computer are in the same forest. I can't find any obvious issue on the domain controllers. I can ping the DCs and nltest /server:<dcname> against the DCs returns no error. When I have a user execute gpresult /H GPOResult.html as suggested in Technet, it hangs. Reboot fixes the issue, but I need to find a better solution for the production environment. I also notice that if I go to add a user or group to the local Administrators group, it does not display the domain as a location from which to add users, just the local computer and "Entire Directory". Interestingly enough, if I select "Entire Directory" and enter a samid, it resolves it fine. Can someone point me in the right direction to resolve this issue?
Thanks