Solved

Windows 98 clients can't login when first DC is down.

Posted on 2003-12-05
8
427 Views
Last Modified: 2010-04-14
When I shut down the first DC that I setup for the domain, my Win98 clients can't login to the domain with the bad password/access denied message.  I know the domain is replicating OK, and my XP clients can login fine albeit a bit slower than usual.

It is a single domain with 2 domain controllers.

If I got the message "no domain server was able to validate your password" I would know that the clients couldn't even see the second DC so I'm a bit confused as to the problem.

Then I was thinking it was possibly an FSMO issue and PDC emulation, but I don't want to have to switch roles every time I take down a DC for maintenance or something.  Isn't that the job of AD?

Am I missing something simple?

Thanks!
0
Comment
Question by:kcorbiniqg
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9883804
1st, I already saw your posting in CS conserning that question.
2nd, let's see what we can tell that guy
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9883838
Oops, wrong question :-(
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9886927
Ummm, the problem is that you need to have a GC available. The reason your 2K clients logon is they are using cached credentials. It's not a big issue to resolve, however. Just add the second DC as a Global Catalog server, and you'll be fine.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:kcorbiniqg
ID: 9898097
Both DCs were already GC servers (the 'Global Catalog' box is checked under NTDS settings).  I then had just the non-primary DC be the GC server and still no dice.
0
 
LVL 6

Accepted Solution

by:
Casca1 earned 250 total points
ID: 9898143
Ok. Well, do these computers have the DSClient on them? If not, it's going to be an issue with the PDCemulator.
0
 
LVL 1

Expert Comment

by:cawelty
ID: 9900321
Is the one domain controller also the DNS server that the win98 clients are pointed to?  
0
 

Author Comment

by:kcorbiniqg
ID: 9905438
File this one under DOH!
After trying the PDC emulator role switch and the DSClient, it still didn't work.  This led me to start looking at all aspects of accessing the second domain controller.  Turns out, I had disabled File and Print Sharing.  I had done that a while back in a quest for minimalism while this machine was just an Exchange box and not a DC.

As usual, the most perplexing problems have the smallest fix.

Thanks for giving me some other things to think about however, and I was unaware of the DSClient in the first place so thanks for bringing that to my attention.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9905694
My pleasure, and thanks for the points and score.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Google always has something new and amazing up its sleeve, and the most current thing that they have been working on is another step in the evolution of Google Search, from machine learning to its brilliant successor, deep learning.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question