Solved

Can't start any services, on any system in the domain, with a domain account.

Posted on 2006-06-21
15
190 Views
Last Modified: 2010-04-13
Okay, I'm really stumped here.  

Only one domain controller, I didn't build the network...  We ran updates on many of the member servers and noticed that many had service failures upon reboot.  When we checked errors they were logon failures.  We checked the accounts and passwords and everything was as it should be.  We reset passwords and even created new accounts and received the same results.  I was able to logon to any server with new and existing accounts, so this doesn't make any sense.  

The event logs on the domain controller are squeaky clean.  Dcdiag and netdiag all pass with no errors.  DNS looks good...  Anybody have any suggestions?
0
Comment
Question by:piaccarino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
15 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16956373
try with a domain admin and see if they kick off
0
 

Author Comment

by:piaccarino
ID: 16956395
All of the accounts used to start the services were domain admins.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16956418
oh dear, something has gone haywire then.......can you reset them back to the system account?
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:piaccarino
ID: 16956446
Yeah, that's how they are running at the moment.  I need to start one of the SQL servers with a domain account soon to allow the developers to do a bulk insert from a network form.

I was able to start the sqlagent with a domain account yesterday but I wasn't able to restart the sql service due to active processing.  I tried to restart it tonight and it and neither service would start.  I don't mind the backup agents running from the local system but there are 4 sql servers that really need domain access.

Do you know of any good third party AD checking tools?  

Is it time to get Microsoft on the phone? :)
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16956465
fair call i see what you mean

there is an expensive yet highly regarded product called ADJANITOR from quest (i think) although, usually the DIAGS would come back if there was anything wrong with AD....... i just cant think of why suddenly your security has spacked out........Trying to think of what it could be.......... and there is no errors at all in the logs?
0
 

Author Comment

by:piaccarino
ID: 16956799
Everything in the event logs in the past month has been informational.  Recent errors before that were licensing for Exchange and an active unothorized DHCP server.

I tried to promote another server to ferret out some of the issues and possibly correct them, but it failed due to a login failure.

Thanks for the input.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16964876
hmm so security is well gone......are you able to demote and repromote your server
0
 

Author Comment

by:piaccarino
ID: 16964933
Oddly enough, file permissions, Exchange, and trusts with two other domains are still completely intact.  Last user leaves in 1/2 hour and I'll be talking to Microsoft about this one...  I'll let you know what is wrong if we actually figure it out.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16964941
ha! crazy, ill be interested to know what happened, good luck
0
 

Author Comment

by:piaccarino
ID: 16988089
Still no solution.  Microsoft techs have been in and out of the network via terminal services since last week.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16989386
and they have no idea? well thats at least a little comforting.......hmm wish i could help man
0
 

Author Comment

by:piaccarino
ID: 17053017
And the solution is...  Create another domain in the forest and use an account from that domain to start services.  Ah well, at least they came up with that for free.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17087097
you are kidding me! ha! certainly an interesting solution....
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 17262726
PAQed with points refunded (500)

CetusMOD
Community Support Moderator
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Let's take a look back at the commercialization of the internet to understand why keeping it open and neutral is in our best interest as a society.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question