Solved

After this initial log on to Activie Directory server my xp clients lose access to network resources.

Posted on 2004-08-05
1
727 Views
Last Modified: 2010-04-14
What I did:
Had a mix of 98 and xp clients logging on to a NT 4.0 sp6a PDC.  It was the only domain controller on the network.  The server name was \\ocmntsvr1.  The Domain name was ocmnt_1.

Consequently, I was going to install an Exchange 2003 server, but it need to find an Active Directory.

Therefore I did the following: Built a new NT 4.0 sp6a called \\ocmadsvr, and made it a BDC.  It replicated the PDC accounts.  Then I downed the PDC, promoting the BDC to the PDC.  This worked great because I now had all my user account stuff.

Next I install Win 2000 as an upgrade on the new \\ocmadsvr machine.  As I installed Active Directory I also needed to have a DNS so I installed it on the same machine with the following domain name: ocmsinc.org.  This is our registered internet domain name.

All this seemed to work out fine.  I placed the original NT 4.0 sp6a PDC back on the network and demoted it to a BDC.  I had my users turn on and log in.  The 98 and xp clients logged into the original ocmnt_1 domain name.

All clients log in and can use home folders and printers on the old NT machine as well as the new Win 2000 Active Directory server.  However, after this initial log on my xp clients lose access to network resources on both machines \\ocmntsvr1 and \\ocmadsvr .  Upon trying to gain access to a network resource what the xp clients are presented with is another log on window that says “connect to \\ServerName , user name, and password.  After you type in the user name and password you get a message window that states the following: Log on unsuccessful:  “The user name you typed is the same as the user name you logged in with.  That user name has already been tried.  A domain controller cannot be found to verify that user name

Some things I have noticed:  
The xp client’s network properties showed they were members of the new domain ocmsinc.org.  Also the primary DNS suffix showed the new domain name ocmsinc.org.  

It seems to me a matter of in activity. ex. not using a network resource for maybe five minutes or more.

The 98 clients are not having this problem.

Meanwhile, if anyone is wondering.  Yes my xp clients do have a problem with slow log on or loading of personal settings, but these issues while the cause might be related seem to me to be two different problems.  I say this because some xp client log on and load settings quickly while others are slow and some are very slow.

Please help with any insight or recommendations.
0
Comment
Question by:dclima
1 Comment
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 11733425
That's probably a DNS problem; on your AD DC/DNS, and on all of your W2k/XP domain members, make sure the AD DC's address *only* is listed in the TCP/IP properties (be that via DHCP or static; do NOT use 127.0.0.1 on the AD DC/DNS itself!). That makes sure your internal lookups work correctly.
For internet access, delete the root zone (if present; it's the single dot: ".") on your DNS in your forward lookup zones. Then open the properties page of your DNS server and configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where non-AD-DNS server should be listed.

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Setting Up the Domain Name System for Active Directory
http://support.microsoft.com/?kbid=237675

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

HOW TO: Install Network Services Such as WINS and DNS in Windows 2000
http://support.microsoft.com/?kbid=261321

HOW TO: Install WINS in Windows 2000 Server or Windows 2000 Advanced Server
http://support.microsoft.com/?kbid=307314

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/?kbid=314861

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708

DCDiag and NetDiag in Windows 2000 Facilitate Domain Join and DC Creation
http://support.microsoft.com/?kbid=265706

Do not install the Support Tools from your installation CD, some tools were updates by the Service Packs. Here's the current version:
Windows 2000 SP4 Support Tools
http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/supporttools.asp

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question