Avatar of rtkeiper
 asked on

Server 2003 - New AD user profiles on workstations with no known DNS or AD change

We have a simple AD on Server 2003 with current SPs. Approx 30 users. No changes were made to DNS or Active Directory.

In a rolling pattern, many of the users -- but not all -- logged on to new, blank profiles. The previous profiles were accessible but indicated an unknown user account under security. The new profiles appended the domain to the username as we'd expect based upon settings. Some of the systems continue to work without change and we've attempted to replicate the issue on them with no luck.

All server and workstation logs indicate nothing -- no connection or authentication problems. The domain itself was unchanged on the server side.

I know this is far too vague to look for resolution here. What I really need are some ideas on where to dig since the logs have produced nothing obvious. Thanks!
ExchangeActive DirectoryWindows Server 2003

Avatar of undefined
Last Comment
Abhay Pujari

8/22/2022 - Mon
Abhay Pujari

If this problem is not replicable, then it could be the problem with that particular system. I had this problem twice and I could dig that this could be because of a Virus, corrupted OS files OR a disk problem.

This happened on multiple, checked clean systems. However, about 10 of the systems have yet to recreate their local profiles. Intentionally trying to recreate the issue has not worked.

All of the systems were joined to the domain at the same time about a year ago. No user issues and no problems/changes with DNS, DHCP or AD.
Abhay Pujari

What about Hdd and OS problem? I have formatted my machines having same problem twice and concluded that it was OS problem.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy

Wish it were that simple.

The workstations are all patched Windows XP. Cannot be workstation hardware given the number of systems affected. Seems more to point to a temporary inability for the workstations to authenticate with the domain or an issue with the Server 2003's SAM.
Abhay Pujari

May be. But is its a SAM issue, other machines should have the problem. What do you think?

The issue was definitely Active Directory related. Since they mostly failed around the same time, it seems to have centered around workstation security sync issues with the LSA.

We used "nltest" with some luck on the remaining systems. Here are the relevant links:



Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Abhay Pujari

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.