Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Service accounts suddenly stopped working.   Only work when you add DomainAdmin privileges....

Posted on 2008-09-29
4
Medium Priority
?
275 Views
Last Modified: 2012-05-05
Last week I was called in to client with SBS2003 server.  Quickbooks, SQLserver, BackupExec (which uses SQL server) services had all stopped and would not restart.  I reset the passwords for each system account.  No luck.  They appeared to not have adequate permission >> I tried to do a Runas for each account to start a CMD shell and it failed.  So I added DomainAdmin to each account and it works fine now.  

Today, I was called and Outlook Web Access was not working.  Error, Login timeout 440.  Again, I added DomainAdmin privileges to IUSR_STS1 and OWA started working again.

Any clues?  
0
Comment
Question by:ButlerTechnology
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 22

Expert Comment

by:Paka
ID: 22598328
Did you check to see if the accounts had expired or were locked out?  Are these service accounts members of the local admins?  Adding IUSR_ to domain admins is not a good idea!
0
 
LVL 6

Author Comment

by:ButlerTechnology
ID: 22598800
-none of the accounts were locked out or expired.
-none of the accounts were member of local admin
-domainadmin is a temp workaround to get them working while I find a solution

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 22599167
Follow the steps outlined here and your problem should be resloved:
http://msmvps.com/blogs/cgross/archive/2004/08/08/11472.aspx

Jeff
TechSoEasy
0
 
LVL 6

Accepted Solution

by:
ButlerTechnology earned 0 total points
ID: 22620393
Thanks TechSoEasy...but it turns out the problem was one of permissions.

Someone (the onsite admin?) had removed the users from the Users group.   This had a pernicious effect on all but the domain admin accounts.  
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question