?
Solved

Computer Account not found on Domain

Posted on 2006-07-20
14
Medium Priority
?
2,703 Views
Last Modified: 2008-01-09
When logging-in to the Domain from one of our Windows 2003 servers, authenication fails with a message suggesting the computer account is not found. We can login locally OK but not to the Domain. When the login prompt is displayed, we can unplug the network cable, hit enter to login, and plug-in the network cable after Windows starts. We can then see all shared drives on the other servers.

This problem first occurred after rebuilding one of the two mirrored hard drives in the server. Before that, all was well.

This is only a problem with one Win2003 server; all other machines are communicating as expected. Pings work to and from all machines. Net View shows the computer name. Should the server be shut-down before I delete the computer name from AD? What's the proper way to delete the computer name from AD and then later add the same computer name to AD?
0
Comment
Question by:Branlon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
14 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 17146345
You can just simply delete it from AD and then just remove/add it do the domain.

Have you tried doing a netdom /veryfy or a netdom /resetpwd?
0
 
LVL 26

Expert Comment

by:Pber
ID: 17146353
woops that should have been.


Have you tried doing a netdom /verify or a netdom /resetpwd?
0
 

Author Comment

by:Branlon
ID: 17146635
"netdom verify" fails with "RPC server is unavailable". Remember, this problem server is running Voice Mail services which rely on a fixed machine name. Changing the server's name will have adverse effects.
0
ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

 
LVL 26

Accepted Solution

by:
Pber earned 500 total points
ID: 17146739
You are not changing the machine name you are just re-adding it to the domain.  The computer name will remain the same.

Can you ping your domain name?
i.e.
ping domain.com
0
 

Author Comment

by:Branlon
ID: 17146857
Pinging the IP of the Domain works but not the DomainName. The trust relationship test fails. So, if I just delete the computer name from AD and then add it back in, with the "problem server" up and running, the authenication problem at login will be solved and the trust relationship fixed?
0
 
LVL 26

Expert Comment

by:Pber
ID: 17146871
I think you have some DNS issues.  On the server I would confirm that your DNS settings for the TCP/IP client are correctly pointing to the AD domain controllers.  I presume your AD domain controllers are hosting DNS.
0
 

Author Comment

by:Branlon
ID: 17147015
NetDiag and IPConfig confirm IP settings OK. Yes, AD domain controller is hosting DNS. Like you said, maybe Deleting and Adding the computer name will work. I'll try it later today when all the passengers get off.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17148587
If it is a member server and not a domain controller.

Then you can safely rejoin it to the domain.

If you want, you also do not need to delete the account from the AD.

The account will be overwritten as soon as you rejoin the server with same name.

For sure, you secure channel has become corrupt and machine account is not valid.

Just bring the server in the workgroup. Let the server restart.

Then, login to server as local admin.

Rejoin it to the domain using domain admin account.(Delegated account with permission to add to domain will not work, as server account still exists in the AD.)

Restart the server again, and login to the domain.


0
 

Author Comment

by:Branlon
ID: 17149037
In the process of adding a new computer to AD, it wants to know if the computer is managed. My gut feeling is "Yes it's managed, what computer isn't ?" But it may be asking about the HW switch? Can I just give it some unique GUID? I don't have any non-Microsoft third-party software here that manages computers or cares about GUIDs. Maybe I can just declare it non-managed and move on.
0
 
LVL 26

Expert Comment

by:Pber
ID: 17149056
Yes you can say it is non-managed.  You can also add that information later by right clicking the computer object and selecting properties and selecting the Managed By tab.
0
 

Author Comment

by:Branlon
ID: 17149169
OK, I'll start the process in about two hours and post an update here. Thanks
0
 

Author Comment

by:Branlon
ID: 17149831
Deleted and added the computer name in AD and shut-down the problem server. Now logged-in locally as Administrator cannot change the server to workgroup using Computer properties. How and from where do I un-join the server from the domain?
0
 

Author Comment

by:Branlon
ID: 17150107
OK, got ahead of myself. The server is now re-joined properly and the authenication works as expected. Thanks for your help.
0
 
LVL 26

Expert Comment

by:Pber
ID: 17153416
Good to hear
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question