I'm having a problem. I upgraded a domain controller from Windows 2000 to Windows 2003. Everything seemed to work fine Friday afternoon, than when I came back on Monday I was unable to login to the server as a domain user. I can login as the domain administrator with no problem. I attempted to run dcpromo to remove the domain controller status, but it gave me the error message "Replication access was denied". I followed the steps on http://support.microsoft.com/default.aspx?scid=kb;en-us;329860
(Microsoft KB #329860), but still have the same problem.
My new 2003 server (MES-ADM1) is located in the Domain Controllers folder on Active Directory Users and Computers, I adjusted the settings as directed in ADSI edit, and when I attempt to run nltest /sc_change_pwd:local (the domain name is "local"), I get the following error:
I_NetLogonControl failed: Status = 1787 0x6fb ERROR_NO_TRUST_SAM_ACCOUNT
I'm still rather unfamiliar with domain controllers, and trust relationships, so if you could help me with step-by steps for suggestions, I would greatly appriciate it.
In trying things out, I was able to create a new user on MES-ADM1 (new server) and it was available on my PDC, and was able to login without a problem. I had thought that if there was a trust or replication error, I wouldn't be able to access or make changes to anything on the domain, including creating a new user. But, then again, I'm a little out of my league here..
Any suggestions or assistance would be greatly appriciated.