Ghost images lose domain access after a period of time
Posted on 2004-10-08
We have several machines that we use to test drivers that are under development. To ensure that the systems do not have old versions of the driver files hanging around between builds, we use Ghost 2003 to create a "clean" image of the system before we do any testing. We do *not* move the images from one computer to another; they are simply used to roll the system back to a "clean" state, with a unique set of images for each physical computer.
To allow for testing multiple operating systems on a single system, we set the systems up with two primary partitions. One is a partition used to hold Ghost and various utilities. The other is a partition for the OS we want to test. We use Boot Magic to choose between the two partitions (which hides one and unhides/sets active the other). Then, when we want to change operating systems, we go to the Ghost partition and restore the correct image (2K/XP/98/Me) to the test partition.
Everything works great for several weeks. We can restore any image to the test partition, log in to the domain, and do the testing. Then, after a few weeks, we try to login under XP or 2K and get the following:
"Windows cannot connect to the domain, either because the domain controller is down or otherwise available, or because your computer account was not found. Please try again later. If this message continues to appear, contact your system administrator for assistance."
At this point, to continue testing, we need to do the following:
1) Login as a local admin.
2) Remove the computer from the domain.
3) Remove the computer account from the DC using Active Directory Users and Computers.
4) Add the computer back into the domain.
5) Make a new Ghost image.
If I skip step 3, when I go to add the computer back into the domain, I get "access denied." If I do not make a new Ghost image, the next time I restore the old image, it's back to being "broken."
At first, I thought there may have been an accidental duplication of computer names in the domain. However, we switched to a new naming system which prevents this from happening. We have added "-[OS]" to the end of the machine name, so the XP image has a machine name of "[computername]-XP."
It seems to me that, somehow, the domain SID on the DC or the client is somehow changing, but I'm not sure what could be triggering this. Is there something I'm missing somewhere, or will this be something we just have to live with?