Windows cannot connect to the new domain because: the logon attempt failed.


We had a tech resign yesterday so we needed to change our administrative passwords.  We have a domain that consists of a single domain controller and no member servers.  It has about 20 clients attached to it.  We changed the administrative password and rebooted the server.  We entered the new administrator password and it came up fine.  However, now when we now go into AD Users & Computers we get the following dialog:

"Naming information cannot be located because: The Logon attempt failed."

The AD Users and Computers MMC will then come up but the snap-in has a red X on it.  If we try to connect to the domain from within the MMC we get this dialog:

"Windows cannot connect to the new domain because: the logon attempt failed."

Bottom line is why did we lose the authentication to AD and is there anyway to recover it?  I have seen some documentation on the use of NETDOM but I'm not sure how to proceed.

Any assistance will be most humbly appreciated.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rob StoneCommented:
This might help

Can you post the event id error and source?

If you right click My Computer and select Manage, then select Event Viewer and System you will have some red crosses in their. They will help.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dugodugoAuthor Commented:
I didn't see anything in the Event Logs that pertains to this.  I'll keep looking, but there's nothing that stands out.

Now, let's take a deep breath here, when I connect to the server using Remote Connect from my XP Desktop, I can logon fine using the Administartive password.  Once I have a remote session going I can launch AD fine from there!!!!  That my friends is what I call real strange???  What is it about a Terminal Service Session that allows for the Authentication with AD but won't allow it from the server itself???  Micosquish true to form here.

Anyway, things have taken a step to the better here, because I had thought I had lost my AD.  I am in on the Desktop, however, I'm not going to change the Adminstrative password back just yet.  I want to get some more input on this.  And I guess I'm wondering why I can't change my Admin Password without the system not updating the AD authentication.

Now here's a bit more info.  This box was an "upgrade" from WinNT 4.0.  My experience has been you NEVER want to upgrade from NT4.0 but instead do a clean install and re-establish accounts.  Yes more work but cleaner in the long run.  We have had problems in the past with the AD on this server in that when you change a persons name or other info, it says that it can not verify the changes made.  This tells me that something is not quite right in Kansas with this system.

Any thoghts?

Are there any other authentication problems?  Are your users able to logon to the domain?  Are file shares accessible?  Did you check event logs on the DC?  Look on the DC under Event Logs | Security and see if there are any problems.  If not, it may just be that your policy is not set to enable failed logon attempts.  For fun, have you rejoined your workstation to the domain?  Another thing to try would be to right click the ADUC icon and "run as" the "administrator" account (assuming you all have unique IDs and don't use Administrator all the time).  Are you able to use any of the other AD tools such as "sites and services" or "domains and trusts"?
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).


Here is another link.  It's symptom is the same one you described.  It's resolution is to rebuild the security config databases.  I would be careful as I don't know the ramifications, and you are only running one domain controller.  You should seriously consider promoting another AD server (even if it is not really a server class machine and won't hold any FSMO roles).

Let us know
dugodugoAuthor Commented:
Ok...tengage's link looks like the solution.  I believe that the WinNT4.0 upgrade to Win2000 server may have caused some problems with the Security Config.  This is the first we have tried to change the Admin PW and this is the result, so something ain't right in Kansas.

I have changed the admin password from the Remote Connect Terminal Session back to what it was and rebooted the server.  It came up fine and let me in as Admin.  I can now access the AD Snap In's fine.  Wheeeewww!!!  Looks like we're back in the saddle.

I do however want to get the PW changed so I'll continue to investigate and provide an update here when I get a solution (for future searches).  First thing to do though is a full backup of the AD, and I may get a box setup just to replicate it on another platform.

Thanks for all the help...I'll divey up points appropriately,

dugodugoAuthor Commented:
I found out what this issue was an issue with the Global Catalog.  The permissions on it were set for "Domain Admins" but not local administrators.  Once I added the local admins in with full control to the Global Catalog, it worked properly.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.