asked on
Server 2003 - New AD user profiles on workstations with no known DNS or AD change
We have a simple AD on Server 2003 with current SPs. Approx 30 users. No changes were made to DNS or Active Directory.
In a rolling pattern, many of the users -- but not all -- logged on to new, blank profiles. The previous profiles were accessible but indicated an unknown user account under security. The new profiles appended the domain to the username as we'd expect based upon settings. Some of the systems continue to work without change and we've attempted to replicate the issue on them with no luck.
All server and workstation logs indicate nothing -- no connection or authentication problems. The domain itself was unchanged on the server side.
I know this is far too vague to look for resolution here. What I really need are some ideas on where to dig since the logs have produced nothing obvious. Thanks!
In a rolling pattern, many of the users -- but not all -- logged on to new, blank profiles. The previous profiles were accessible but indicated an unknown user account under security. The new profiles appended the domain to the username as we'd expect based upon settings. Some of the systems continue to work without change and we've attempted to replicate the issue on them with no luck.
All server and workstation logs indicate nothing -- no connection or authentication problems. The domain itself was unchanged on the server side.
I know this is far too vague to look for resolution here. What I really need are some ideas on where to dig since the logs have produced nothing obvious. Thanks!
ExchangeActive DirectoryWindows Server 2003
Last Comment
Abhay Pujari
If this problem is not replicable, then it could be the problem with that particular system. I had this problem twice and I could dig that this could be because of a Virus, corrupted OS files OR a disk problem.
ASKER
This happened on multiple, checked clean systems. However, about 10 of the systems have yet to recreate their local profiles. Intentionally trying to recreate the issue has not worked.
All of the systems were joined to the domain at the same time about a year ago. No user issues and no problems/changes with DNS, DHCP or AD.
All of the systems were joined to the domain at the same time about a year ago. No user issues and no problems/changes with DNS, DHCP or AD.
What about Hdd and OS problem? I have formatted my machines having same problem twice and concluded that it was OS problem.
ASKER
Wish it were that simple.
The workstations are all patched Windows XP. Cannot be workstation hardware given the number of systems affected. Seems more to point to a temporary inability for the workstations to authenticate with the domain or an issue with the Server 2003's SAM.
The workstations are all patched Windows XP. Cannot be workstation hardware given the number of systems affected. Seems more to point to a temporary inability for the workstations to authenticate with the domain or an issue with the Server 2003's SAM.
May be. But is its a SAM issue, other machines should have the problem. What do you think?
ASKER
The issue was definitely Active Directory related. Since they mostly failed around the same time, it seems to have centered around workstation security sync issues with the LSA.
We used "nltest" with some luck on the remaining systems. Here are the relevant links:
https://www.experts-exchange.com/questions/23611729/How-can-I-stop-Windows-XP-and-Windows-2000-Clients-from-losing-connection-to-the-Domain.html?cid=236&anchorAnswerId=22132205#a22132205
http://www.xiitec.com/blog/?p=147
Thanks!
We used "nltest" with some luck on the remaining systems. Here are the relevant links:
https://www.experts-exchange.com/questions/23611729/How-can-I-stop-Windows-XP-and-Windows-2000-Clients-from-losing-connection-to-the-Domain.html?cid=236&anchorAnswerId=22132205#a22132205
http://www.xiitec.com/blog/?p=147
Thanks!
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.