Solved

Wiindows 2003 Domin Controller not answering authentication requests.

Posted on 2007-11-19
3
172 Views
Last Modified: 2010-04-21
Hello,

I have an interesting problem with a small 2 DC domain:

Background:
My customer had a 2000 server DC and I installed a new Windows 2003 DC following  MS white papers, I did the 2000 to 2003 ADPrep and transferred the FSMO roles to the new 2003 DC.

The new DC is used mostly for file sharing, but it is configured with DHCP, DNS and WINS.

Problem:
Two times the old 2000 server suffered a hardware failure and would not boot, after this happened, only about half of the users could open their shared folder on the server, if I deleted their mapped drive and tried to re-map, it would ask for credentials and when supplied, it would give an error that the “login credentials” have already been tried and have failed.

I found out if I reboot the PC even though they have been rebooted many times before while the mapped drive was attached, then tried to map again it would ask for credentials and accept the login credentials creating the mapped drive.

I noticed that when you do a “set” command from the command prompt, the LOGINSERVER was the 2000 server and not the 2003 server. It seems that it’s using the cached credentials to log on, but not getting authentication from the 2003 server if the 2000 server is unavailable. The 2003 server is set in DHCP as the DNS server and WINS server.  I’m baffled as to why it will not authenticate users trying to use a share on itself.

Any ideas what I should be looking for here?
0
Comment
Question by:JDrobnick
  • 2
3 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 500 total points
ID: 20316906
Confirm that the 2003 server configured as a Global Catalog server.

0
 
LVL 1

Author Closing Comment

by:JDrobnick
ID: 31410043
It looks like the 2000 DC was a GC, but the 2003 was not, thanks for the quick solution!
0
 
LVL 1

Author Comment

by:JDrobnick
ID: 20355640
Another thing I noticed is that after turning on the GC, I still have issues with some nodes not finding any server to authenticate to, so they use cached credentials. The 2000 DC is currently down with a hardware issue that will take another week to repair, I'm assuming that since the 2003 DC was just configured as a GC, that it is missing something from replication that it can't get because the 2000 DC is down?
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now