Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Windows 2003 SBS with SP2 services lose authentication randomly and at reboot

Posted on 2010-08-13
10
Medium Priority
?
460 Views
Last Modified: 2013-11-10
Problem: after a reboot or after a random period of time the passwords for the accounts use to run services seem to corrupt, vanish, or change inexplicably. The password still shows to be there in the service properties but if the service stops, or is stopped, it will give a logon error when a start is attempted. When you put the password back in it is fine. If you restart right after you put the password in it restarts fine. Only after time...

This seems to only affect services that require a user account for Authentication. Being SBS it is of course a DC. It also hosts Exchange 2003 SP2, and the latest Blackberry Server Express. The Blackberry services are the ones that usually have the issue and are currently using the BESAdmin account specifically created for it. However it does the same thing using Administrator and other domain admin accounts. It does this on other services than Blackberry as well.

We cannot use Local System, or any other generic account unfortunately for any of the services. I did change those I could and we have no longer had any issues for those services. I cannot seem to find anyone else with this issue. Any ideas?

0
Comment
Question by:olygraham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
10 Comments
 
LVL 31

Expert Comment

by:Justin Owens
ID: 33430576
Those services should be using the BESAdmin account.  It should have the necessary rights on your DC and also have a password set to not expire.  It also needs to be granted permission to interact with the machine.  Do you see any events in your logs when this happens?

Justin
0
 
LVL 3

Expert Comment

by:comphil
ID: 33430648
That's a really odd one and no mistake.  So does the problem not happen if you use the BESAdmin account on the Blackberry services or am I misreading that bit?

A few things to try - set a service to use the Local System account, restart the service and then change it back to a user again - then restart the service once more.  Make sure that user's password is not set to expire.

Second, check Group Policy settings for Local Security settings.  One post on Technet refers to a similar problem and the fix appeared to be related to this ("someone modified my Group Policy settings to remove the accounts from the Local Security Settings").

My first port of call would be the Windows event log for any clues, particularly the System, Application and Security logs (the last is huge and may take a bit of trawling through to find anything that might be relevant assuming you know an approx. date and time when it last happened).
0
 
LVL 3

Expert Comment

by:comphil
ID: 33430650
Sorry Justin didn't mean to override your reply you got yours in while I was writing mine!
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
LVL 31

Expert Comment

by:Justin Owens
ID: 33430662
No worries... Refresh strikes us all from time to time.
0
 

Author Comment

by:olygraham
ID: 33851371
done
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 33851431
Author requests a refund but never answered either questions asked by the two participating Experts after almost two months.  If the Author wants to delete the Question, that is his/her business, but if he/she wants a refund of points, he/she should respond to the Experts.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 33853860
This seems to be the case of an Author trying to clear a Question he/she abandoned.  My first choice would be for the Author to interact with the Experts and actually resolve the Question.  My second choice would be for the Author to post the actual resolution and accept it as a 0 point answer.  My third choice would be to delete the Question with no refund, as we normally would an abandoned Question.
0
 

Accepted Solution

by:
olygraham earned 0 total points
ID: 33853954
Well - first - am unsure of how to just end the questions as I resolved it myself.  The issue really lies at the core of AD in the domain permissions
0
 
LVL 3

Expert Comment

by:comphil
ID: 33854602
Could you expand on exactly what the resolution to this problem was?  I am intrigued as I've never come across this particular problem before, it'd be useful to have it recorded here for anyone else who comes across the same problem.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question