Solved

Windows XP Professional clients cannot log on to Windows 2000 server after Restore of Server

Posted on 2004-03-29
10
724 Views
Last Modified: 2010-04-13
I am running a windows 2000 server with WIndows XP professional clients.
I just had to restore the Server from a backup for various reasons.  I used Norton Ghost 2003 latest update to do that.
The server works fine, BUT my clients are unable to logon.  I can ping all the machines so it is not a connectivity issue.
The message I get on the clients varies a bit, but mainly is that the domain controller for the domain cannot be found.
I have already tried to log on locally to one of the clients, then tried to rejoin the domain.  However, when I do that (using the Aministrator account), first the system tells me there already is a computer account for that computer and do I wish to use that; when I say yes the system tells me it is impossible to execute that command as more than one user with the same name are logged on at that moment.  Obviously, that is not the case.
The server directory lists all computer accounts.
I think that if I delete the computer accounts manually from my server database, I will probably be able to rejoin the domain, but for obvious reasons do not like to do that (and it is not a very elegant solution either).
I wonder if this happens as well when you break a mirror and want to use the second disk to reboot.
0
Comment
Question by:wilfrieds
  • 7
  • 2
10 Comments
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10703128
For any other experts who want to read the previous post that got us to this point:

http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20934946.html#10702949

Will ck back after I get to work..

FE
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10703147
BTW:  first experiment and verify that by deleting a computer account that you can now rejoin the domain..  could be that the SIDs are what is causing the problem...  

Breaking the mirror should not cause this to happen de facto..
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10704283
Try this:

Start->Run->CMD <enter>

NLTEST /Server:[YourServer] /sc_reset:[YourDomain]

NLTest may be from the resource kit though...hopefully you already have it...
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10704339
0
 
LVL 1

Author Comment

by:wilfrieds
ID: 10711563
I used the NLTest as suggested, but it gave me an error_nosuchdomain, which was weird because there definitely is a domain.  I did notice the NLTest belongs to the NT4 resource kit and not the W2K resource kit (which I had installed already, I had to download and install the NT4 one for this too).  Maybe that was the reason for the error.
Anyway, I was critically running out of time and decided to manually delete the computer accounts and create them again on the clients.  Took me a couple of hours to run from one computer to the next, but it worked.
After PC number 6 or so I started to wonder that there must be an easier way to create computer accounts, without having to implement SMS.  Any idea for that one?
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10712926
This is straight from the MS Technet:

http://www.microsoft.com/technet/community/scriptcenter/compmgmt/scrcm06.mspx

Create a Computer Account

Description

Creates and enables a computer account in Active Directory, which must be used by an Administrator when adding a workstation to the domain.

Script Code

=============

strComputer = "atl-pro-001"
Const ADS_UF_PASSWD_NOTREQD            = &h0020
Const ADS_UF_WORKSTATION_TRUST_ACCOUNT = &h1000
Set objRootDSE = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Computers," & _
                             objRootDSE.Get("defaultNamingContext"))
Set objComputer = objContainer.Create("Computer", "cn=" & strComputer)
objComputer.Put "sAMAccountName", strComputer & "$"
objComputer.Put "userAccountControl", _
                ADS_UF_PASSWD_NOTREQD Or ADS_UF_WORKSTATION_TRUST_ACCOUNT
objComputer.SetInfo

===============

Sorry we did not get this to you earlier..

FE
0
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 250 total points
ID: 10712936
and if you need to delete a computer account..  here is the flip side to the above..

Delete a Computer Account

Description

Deletes an individual computer account in Active Directory.

Script Code

========

strComputer = "atl-pro-040"
Set objComputer = GetObject("LDAP://CN=" & strComputer & _
                            ",CN=Computers,DC=fabrikam,DC=com")
objComputer.DeleteObject(0)

=========
0
 
LVL 1

Author Comment

by:wilfrieds
ID: 10712984
Thanks.
I can use that one for later.
The funny thing is all this happened because I wanted to implement system disk mirrorring to avoid having to do this kind of thing again!  ; - (
Mirrorring works fine now, so now I am waiting until the mirror breaks and I will have to start asking questions again .... ; - )
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10713044
In that case, we will be hanging around, ready and willing to help..  

G'luck..!!

FE
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10713051
And thank..!!

FE
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question