Start Free TrialLog in
Avatar of gmacmaster
gmacmaster

asked on 

Active Directory accounts are unable to login

We have 200 + PC running in a workgroup that has the same name as my AD domain.   None of the machines are members of the domain.    They users login to Novell 6.0 and get all the poilicies from Novell.   They need access to our exchange 2k box for their email and another application.  Most of the users have no trouble with this setup, although, a select few have been locked out of their AD account (not able to access email etc. )  We dont see anything in the event log on the domain control besides:

"Disabled user /o=Domainname.com/ou=First Administrative Group/cn=Recipients/cn=username does not have a master account SID. Please use Active Directory MMC to set an active account as this user's master account."

But so far the users with that message have not encountered the issue.

Our work around has been to reset the user's password on the DC will fix the issue.  Users do not have access to reset their own passwords.
Operating SystemsActive Directory
Avatar of undefined
Last Comment
Jandakel2
Avatar of Jandakel2
Jandakel2
It sounds like you have accounts that have been removed from AD prior to their mailbox being removed from Exchange.  You should remove the exchange features/mailbox first than delete accounts for users.

JK
Avatar of gmacmaster
gmacmaster

ASKER

The error message I posted was the only warning or error in the event log,  I am not sure if it is related.    

I have requested the my helpdesk folks keep a running list of the users having this issue to see if their username appears in the log.  

Note:  all the users have the check box for passwords never expiring.
ASKER CERTIFIED SOLUTION
Avatar of Jandakel2
Jandakel2
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Active Directory
Active Directory

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

86K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent