Solved

Windows NT BDC does not authenticate users when Win 2k AD PDC is offline

Posted on 2003-11-20
6
363 Views
Last Modified: 2013-12-19
Heres the scenario.  I have a Windows 2000 Server SP-4 Active Directory Domain Controller acting as the PDC emulator.  I have a second Windows NT 4 SP-6a server running as the BDC.  When the Win 2k server is up and running all is well.  If I take the Win 2k AD server offline for any reason no one can log onto the domain.  For some reason the BDC does not authenticate users.  I can synchronize between the two machines with no problem.  There are no errors in the log when both machines are running.  When the PDC is offline the BDC generates netlogon error events 5719 and 5722.  These errors state that there is no domain controller available and that the computer accont cannot be validated.

Any one have any suggestions?

Thanks
Joe
0
Comment
Question by:jpmigliozzi
  • 2
  • 2
6 Comments
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 9793930
FYI:

Event ID 3210 and 5722 Appear When Synchronizing Entire Domain
http://support.microsoft.com/?id=kb;en-us;142869

Netlogon Event ID 5770 and 5722 on Primary Domain Controller
http://support.microsoft.com/?id=kb;en-us;180114

heop it helps,
bbao
0
 
LVL 1

Author Comment

by:jpmigliozzi
ID: 9797146
Thanks for the input.  I already took a look at these articles and neither of them explain my specific problem.  I have a Win 2k AD domain controller with a Win NT 4 BDC.  They synchronize just fine.  Its when the Win 2k AD server is offline that no one can authenticate against the BDC.  The BDC throughs errors in the event log about no domin controllers exist and that computer accounts with access denied errors.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 9939853
sorry for late reply. i think you may try netdom.exe, available in w2k resource kit.
0
 
LVL 1

Author Comment

by:jpmigliozzi
ID: 11887015
Upgraded the Win NT 4 machine to Win 2k.  Problem resolved.

joe
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 11922610
PAQed, with points refunded (250)

modulo
Community Support Moderator
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now