?
Solved

Windows 2000 Pro Workstations joined to a 2003 AD Controller can't log in....

Posted on 2005-04-09
13
Medium Priority
?
235 Views
Last Modified: 2010-04-18
Friends,

I am desparately hoping someone knows how to help this problem. We recently set up a 2003 Server as a Domain controller (single site/forest, native 2003 mode on both) and have joined our network workstations to this controller. Almost all are Windows XP based and they log in just fine, run the login script, process group policy correctly, and so on. I even have one old NT4-based server joined to the domain that's running fine.

My problem is 2 Windows 2000 Professional (sp4) workstations that were successfully joined. Neither one will log in. They allow for a username/password to be entered, you see the login script running, but then are brought right back to the "CTRL-ALT-DEL" to login page. Neither a local server login or domain login is possible, the same behavior occurs. We tried disabling the policies and scripts, but that doesn't allow either to log in.

Both are production systems and as of now, we're really at a loss to know what else can be done. Any advice/suggestions are welcome.

Thanks in advance.

-Steve
0
Comment
Question by:seriochka1
  • 6
  • 3
  • 3
  • +1
13 Comments
 
LVL 9

Assisted Solution

by:joedoe58
joedoe58 earned 525 total points
ID: 13746460
Hi,
Just a question first. The NT4 box was it a PDC or BDC in its previous life? Also if you have your domain in native w2k3 mode you should not be able to have any NT4 server running.
To your problem if it is so that your NT4 was a domain controller then it is possible that it still do login for the w2k stations. the xp stations would not do so since they prefer kerberos.
0
 

Author Comment

by:seriochka1
ID: 13746830
No, the NT4 box was just a webserver. There were no domain controllers/setup in our environment before this upgrade.
0
 
LVL 11

Assisted Solution

by:elbereth21
elbereth21 earned 450 total points
ID: 13747902
Can you login in Safe Mode?
Do you see any significant entry in your logs?
If possible, maybe using safe mode, ensure this is not related to malware or virus, scanning those workstation thoroughly, then give us some more details.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:seriochka1
ID: 13748145
I can tell you both systems were scanned for malware/spyware/adware and viruses before joining the domain. Also, the same login behavior that I experience normally, I also experience in safe mode, so I can't get to the system logs or any other portion of the computer.

-Steve
0
 
LVL 9

Expert Comment

by:joedoe58
ID: 13748733
Can you connect to them remotely. If you can you can read the event log that way
0
 

Author Comment

by:seriochka1
ID: 13748955
No, I tried connecting from the domain controller and another system in the domain, neither worked.

-Steve
0
 
LVL 35

Accepted Solution

by:
Nirmal Sharma earned 525 total points
ID: 13750509
>>>you see the login script running, but then are brought right back to the "CTRL-ALT-DEL" to login page.

Apply the logic here....After pressing Alt+Ctrl+Del and then hitting enter winlogon.exe should load Explorer.exe from registry. If registry is corrupted or path of explorer.exe is disordered then no one can log on because explorer.exe is the Main User Shell for Computer and not users. Goto Another computer > User Connect Remote Registry and find the following key: -

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

In Right Pane you will see the following key: -

Shell=\Winnt\System32\Explorer.exe

If it is not there replace it with the above path.

Let me know.

Thanks
SystmProg
0
 
LVL 9

Expert Comment

by:joedoe58
ID: 13751790
What happened when trying to connect remotely? Eventlog entries, error messages?
0
 

Author Comment

by:seriochka1
ID: 13752055
When I do that, I get an error saying it can't connect to the remote registry...to make sure the computer is on the network, that the remote registry service is enabled and so on....

Any other ideas?

-Steve
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13752153
Goto Recovery Console on infected computer and then enable the Remote Registry.

0
 

Author Comment

by:seriochka1
ID: 13752485
Do you mean from a Win 2k Pro CD or ??? I can't get anywhere through the usual "F8" options.

Thanks,

-Steve
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 13752562
>>>Do you mean from a Win 2k Pro CD or ??? I can't get anywhere through the usual "F8" options.

In order to access remote computer using registry you need to start Remote Registry service on remote computer. You can use Windows 2000 Bootable CD and then use Recovery Console. If you can't use Recovery Console from CD then start the service using a remote computer and then starting service using Services.msc snap-in on it. Use mmc.exe > Add/Remove Snap-ins > Select Services > select "Another computer or Remote Computer > and then start the service on remote computer.

Let me know.

Thanks
0
 

Author Comment

by:seriochka1
ID: 13819249
After much looking into this, the only option that worked was re-formatting the entire system and building it as a Windows XP box. None of the remote registry stuff worked. None of the local registry or safe-mode access seemed to work at all. Nothing. I will split points for this amongst those who tried to help. Thanks much./

-Steve
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question