MyDanes
asked on
Can NOT login with Domain Account
Domain controller -
windows 2003 small business
second server is the old NT with our mission critical Database on it.
Get error can not log on interactively but it is at the LOCAL machine We are DOWN.
I tried RESOLUTION
To correct this problem and provide local access when connected to the domain, do the following:
Log off the domain and log on to the local computer using an account with administrative rights.
Go to the Administrative Tools group, select User Manager, click the Policies tab, and select User Rights.
Use the down arrow next to the "Right" dialog box and select "Log on locally", and then click Add. The Add Users and Groups dialog box is displayed.
In "List Names From:" select the domain name, and then in the Add Names box type your <domain name\username>. Click OK. The User Rights Policy dialog box is displayed with the new user name added to the list. Click OK.
Log off and back on. At the Welcome dialog box, select the domain and log on. You now have local logon access rights.
PLEASE HELP I would assign a BILLION points if I could :)
windows 2003 small business
second server is the old NT with our mission critical Database on it.
Get error can not log on interactively but it is at the LOCAL machine We are DOWN.
I tried RESOLUTION
To correct this problem and provide local access when connected to the domain, do the following:
Log off the domain and log on to the local computer using an account with administrative rights.
Go to the Administrative Tools group, select User Manager, click the Policies tab, and select User Rights.
Use the down arrow next to the "Right" dialog box and select "Log on locally", and then click Add. The Add Users and Groups dialog box is displayed.
In "List Names From:" select the domain name, and then in the Add Names box type your <domain name\username>. Click OK. The User Rights Policy dialog box is displayed with the new user name added to the list. Click OK.
Log off and back on. At the Welcome dialog box, select the domain and log on. You now have local logon access rights.
PLEASE HELP I would assign a BILLION points if I could :)
ASKER
we have tried to Rename the server
we have disconnected and made to a workgroup
then we rebooted and join domain and click check box to create account for computer and give correct user/password for DC it says 'welcome' to the domain but then reboot and can NOT connect get this rediculous error.
we have disconnected and made to a workgroup
then we rebooted and join domain and click check box to create account for computer and give correct user/password for DC it says 'welcome' to the domain but then reboot and can NOT connect get this rediculous error.
ASKER
I even tried to plug my 500g external maxtor one touch IV plus
It won't read on the NT 4 server - I would try and move my db to the DC to get back up and running
It won't read on the NT 4 server - I would try and move my db to the DC to get back up and running
I think we can work this out but I need to clarify a few things first.
You have SBS 2003 server as your PDCe?
And you have an NT4 server that you need to join the domain with?
You have SBS 2003 server as your PDCe?
And you have an NT4 server that you need to join the domain with?
ASKER
YES - But I do NOT want my Active directory in Mixed Mode.
ALso - NEW problem IT IS A DISAsTER
XP boxes that were part of the OLD NT DC we change to workgroup
reboot
login
change to new domain
Says WELCOME
then reboots
THEN CAN"T LOGIN to thos machines AT ALL.
We have TWO so far that have done this and we can't access them.
ALso - NEW problem IT IS A DISAsTER
XP boxes that were part of the OLD NT DC we change to workgroup
reboot
login
change to new domain
Says WELCOME
then reboots
THEN CAN"T LOGIN to thos machines AT ALL.
We have TWO so far that have done this and we can't access them.
It has to be in mixed mode brother.
NT uses a form of authentication called NTLMHash, while the default authentication protocol for a 2003 server SBS is Kerberose.
It's all right here: you may be able to allow NTLMHash in SBS.
https://www.experts-exchange.com/questions/23132123/Computer-failed-to-join-or-logon-to-domain-days-later-after-reboot.html
NT uses a form of authentication called NTLMHash, while the default authentication protocol for a 2003 server SBS is Kerberose.
It's all right here: you may be able to allow NTLMHash in SBS.
https://www.experts-exchange.com/questions/23132123/Computer-failed-to-join-or-logon-to-domain-days-later-after-reboot.html
I should rephrase that. Your PDCe will need to be able to authenticate NTLMHash. It may not have to be in mixed mode unless you have AD projects that you need to transfer over to the new DC.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
WARNING***WARNING***WARNIN
Please create a system restore point and backup your registry prior to doing anything. One little mistake on this can lock you out of your domain and cause unrecoverable blue screens.
Please create a system restore point and backup your registry prior to doing anything. One little mistake on this can lock you out of your domain and cause unrecoverable blue screens.
ASKER
Thank you
Excellent:
Thanks. Glad to see you are up.
Thanks. Glad to see you are up.
ASKER