Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 276
  • Last Modified:

After reinstalling and rebuilding a Windows SBS 2003 domain, users trying to log on must try several times before being able to find domain controller.

An old set up of SBS 2003 Standard was completley bunged up, corrupt AD, IIS, Sharepoint, everything was totally corrupt and broken in every way, so a reinstall was needed. The same domain name, same user names, same shared folders, everything set up to be the same as the previous install. The only hardware that's changed is the hard drives in the box and the RAM.

Since the user names, and domain name is the same the users old computers and profiles connect to the new domain and authenticate fine, and can access all domain resources as though nothing has changed. However every time a user tries to log on, they have to try several times because each attempt gives them an error trying to find the domain controller.

After several attempts, the number varies from computer to computer (with two computers being able to get in the first try), they log on successfully and everything works as it should.

My initial thought was that this was a network connectivity issue, so I started pinging from the server to each of the workstations, and there have been 0 dropped packets, and no reply times over 3ms so I'm pretty much ruling that out. Also the server doesn't seem to have any issues with anything else on the LAN or the Internet.

I'm wondering if this could be a result of the computers not being added to Active Directory. Or if it's because of something else.

The server is a fully patched, fully updated with SBS SP1, Server 2003 SP1, SharePoint SP1 and all the rest of everything. All workstations are fully updated XP SP2 boxes.
0
RobbieCrash
Asked:
RobbieCrash
  • 15
  • 11
  • 2
  • +1
1 Solution
 
KCTSCommented:
Make sure that the preferred DNS server settings on the clients all point to the Windows DNS server - normally on the domain controller. This may be set with TCP/IP static settings or via DHCP options.
0
 
divinewind80Commented:
What does the IPCONFIG show?  

My guess would be you should Network ID wizard again, just to confirm the computer knows which domain it belongs to.  Try this on a machine and see if the situation improves.
0
 
RobbieCrashAuthor Commented:
I'll reconfirm the preferred DNS settings, but I'm pretty sure that they're set as the server then a public dns server in that order.

Each of the clients say that they're part of the proper domain, and are all authenticated as domain users.

However without removing and rejoining each work station to the domain, and thus having to move over each user's profile to the newly created domain profile, or mucking about creating local profiles and then pulling them over with the migration wizard, I can't add each computer to the server's list of domain computers.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
divinewind80Commented:
Would it be possible to test this on an old machine with an old domain profile?  Maybe from an terminated employee, etc.... Just to see if that is the issue?
0
 
RobbieCrashAuthor Commented:
All of the machines are using the old domain profiles. There is one user that I've removed and readded and done the annoying profile move and reapplication of permissions and all the annoying things that go along with said actions.

They haven't had any issues, but have only logged on once since the new server was installed. I'll do some more testing from that angle and see if that's going to be my solution
0
 
RobbieCrashAuthor Commented:
It turns out that it is a trust issue, where the domain controller does not trust the computers that are attempting to log on. Why it lets them do so after a few retries I don't quite understand, but there are computer trust errors in the error logs.

So, it would seem that removing and readding the computers will undoubtedly fix the issue, but it will also create the hassle of recreating and fixing a bunch of profiles, and I'd rather avoid said hassle if at all possible.

Is there a simple way to re-establish the trust relationship without causing Windows to create a new user account on each of the rejoined computers, that then has to have the old user files and settings migrated over by hand?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
As you've now found out... you should have rejoined the computers to the domain after rebuilding the SBS because even though you used the same "names" there were completely new SID's (Security ID's) created.  

Removing and rejoining the workstations will definitely fix the problem and you apparently aren't aware that when you join a workstation to an SBS domain (using the http://<servername>/connectcomputer method as directed in the SBS documentation), the user profile gets migrated automatically.... so there is no hassle with regards to profiles.

You need to follow the exact steps outlined in this article I wrote though:  http://sbsurl.com/rejoin

You MUST change the names of the workstations as stated, so don't try to modify that step or any other in the outlined process.

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
From what I understand the only profiles that get migrated are the local user profiles, not any previous domain ones?

I'll be going out on site to try this today.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Well, what you understand is not exactly correct.  It will migrate previous domain profiles if the usernames are the same.  If the name is not in the drop-down list when running ConnectComputer, then just select NONE and it will automatically pick up the correct folder.

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
Thanks, I'm leaving for the client right now, I'll let you know how it turns out.
0
 
RobbieCrashAuthor Commented:
After connecting the first two computers in the domain, the profiles have not been automatically moved over. The user names have not changed, nor has the domain name. I've followed your instructions to the letter.

I have still had to copy files to the newly created profile folder "user.domain" from the original "user" folder, which I would've had to do were I just to remove and re-add the computer to the domain.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Your fallback is described here:  http://www.certmag.com/articles/templates/CM_COMM_Ind_article.asp?articleid=819&zoneid=185

Sorry, I should have posted that earlier for you.

If they didn't migrate over then it's probable that there may be a local profile with the same user name that either was configured on that machine or still is and was in the drop-down list?

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
There were no local profiles, save Administrator on each of the machines, so I'm not sure what the deal with not transferring the settings automatically were. It was just a hand patch job of copying and pasting and then reapplying permissions. Not a big deal, but still somewhat of a pain.

The only issue now is that one of the users mailboxes has lost all mail from before the rebuild, and for some reason is not accepting the mail merged from the exmerge pst file that contains all their mail.

But I suppose that's a different issue and a different question will need to be opened.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Can you open the .pst file in Outlook rather than trying to use EXMerge to import it back in?  If you can, then just import it through Outlook instead.

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
Pulling the exmerge pst into a different user's outlook gives the current setup for the user, as though the pst was overwritten by the new version, rather than staying as the old one.

I have a complete backup of the old server, as well as the old server intact and bootable on the old hdds, that I know I can pull a complete pst out of.

Is there a way to pull the one user's old mail out of a backup without having to remount the entire old store, and risking overwriting and losing all mail that came in after?

Worst case, I suppose I can pull the server down for an hour, swap the hdd's and pull another pst out of that exchange database, then swap and remerge. But that seems like a pretty convoluted process just to get the mail back.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
"Pulling the exmerge pst into a different user's outlook gives the current setup for the user, as though the pst was overwritten by the new version, rather than staying as the old one."

I'm sorry, I don't quite understand what you're saying here... what exactly is the problem?

What is "new vewsion" vs "old one"?

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
Sorry, I was in a rush when I wrote that and didn't figure it made much sense when I thought back on it.

The user has all deleted items, all sent items, and all items in her inbox. However she no longer has any of the 3,000+ emails that were sorted into folders. This is the current state of her mail.

When I originally imported the mail in from the pst that exmerge created from the old server install, it exported all of the above items, as well as the folders that are currently missing.

However, now, when I import from that pst, all that is imported is the inbox, sent mail, and deleted mail. It looks as though exchange somehow overwrote the pst with new information, after the import was done. The file's modification date also suggests this, although I'm not sure why that would happen.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Exchange doesn't overwrite .pst files.

So, when you say you "import from that pst", do you mean to say you imported it through EXMerge?

Did you try to just open the .pst file in Outlook as I had suggested?

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
No, when I import from that PST I mean when I copied that .pst file over to the user's computer and then selected it to be that user's new personal folder, the file did not contain the missing folders.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Did you try importing this file back into Exchange directly with EXMerge?

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
Yes I did.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
And that produced the same results?  Sorry for asking so many questions... but your explanations aren't very clear and I'm having trouble following the chain of events.

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
Ok, here's the full step by step:

1) Old server install: Use Exmerge on all users to create individual .pst files, with success.
2) Fresh sever install: Use Exmerge on all freshly created user accounts to merge .pst files with new exchange mailboxes, however I forgot to increase the default mailbox limit, and two users had over 2GB of email, so I needed to re-import their email after increasing their mailbox size. After doing this, everyone had all of their mail.
3) Follow your instructions to re-establish trust relationship between each computer and the server
4) Notice that one of the users that had to have their mail merged twice now only has what was there before the mailbox size was increased; which was all sent, deleted, and inbox mail, but not some 3,000 messages that were sorted into various folders. Attempted to merge .pst created by exmerge again through exmerge, no change.
5) Copy .pst to user's hard drive, and set as their default personal folder, no change.
6) Copy .pst to different desktop, and attempt to import through outlook into the Administrator's personal folder, and come up with the same results; that is the sent, deleted, inbox were all there, but the various folders and all of their contents were not.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Sounds to me as though the EXPORT step was the problem, not any of the import ones.

If you still have access to the original Exchange installation, then I'd use EXMerge again to re-export that user's mailbox.

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
I've got the old HDD's that SBS was installed on, but they're offline.

I'd imagine that the easiest thing to do would just be to swap the old drive with the new install one, use exmerge, and then swap back to the new one to restore. Rather than dealing with trying to pull it out of an offline version of the store, or a bkf file.

Aside from the obvious repeatedly swapping drives being a bad idea, do you have any reasons to avoid that?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
If you do that, be sure that your server is disconnected from the LAN so that it doesn't affect any workstations.

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
Thanks for the advice.

Do you see any other way to do it that would be simpler or more effective?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I don't really think so... I'm just going on what information you've provided here though.  If what you did was to replace the drives before rebuilding the server, and you have the previous installation on the old drives, that seems like a reasonable way to get the data.

Jeff
TechSoEasy
0
 
RobbieCrashAuthor Commented:
Thanks.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 15
  • 11
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now