Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Using netdom to reset server password

Posted on 2010-08-18
8
Medium Priority
?
1,117 Views
Last Modified: 2012-05-10
I have a situation where I believe that one of my servers may have lost connection with the domain. The symptoms are as follows
When attempting to log in via RDP using any user account I get an access denied message
Trying to run %logonserver% from the command prompt brings up a password prompt
Trying to run net time /set brings up an access denied error message
Event ID 1030, 1058, 1097 in the event log

I have already ran a netdom verify on the machine and it claims that the secure channel to the domain is good but i dont really know if that is the case.

So what I was thinking of doing was running a netdom reset on the server but the last thing I want to do is to mess it up if that would cause the server to need to be disjoined/rejoined to the domain.
0
Comment
Question by:Joseph Daly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 668 total points
ID: 33469260
Or move it out of the domain and back in which will also reset the secure channel.  What sort of server is it?

for the 1030/1058

Take a look at these two articles

http://support.microsoft.com/kb/887303

http://www.expertsexchange.com/articles/OS/Microsoft_Operating_Systems/Server/2003_Server/Diagnosing-and-repairing-Events-1030-and-1058.html
Good EE article by Chief IT

I'd try the dfsutil /purgemupcache first and see if that helps (i've had luck with it on a few boxes in the past)

Thanks

Mike
0
 
LVL 3

Assisted Solution

by:meagain35
meagain35 earned 664 total points
ID: 33469279
NETDOM RESET "should" not cause you any problems as it is simply resetting and assuring the machine is in sync with the domain.

Take a look here as there are some requirements to running depending on the type of server

http://support.microsoft.com/kb/260575

0
 
LVL 35

Author Comment

by:Joseph Daly
ID: 33469308
The reason im scared of the moving out of the domain and back in is that this server is our cisco unified messaging server. I would bet that this thing would freak out and take down our voicemail if i tried a remove/readd.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 668 total points
ID: 33469874
Dijoining from the domain does not always work resetting the secure channel password with netdom does work 100% of the time from my experience. Make sure the server is only pointing to internal DNS servers.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33470702
Yeah don't remove it then if it runs messaging.  Still check that link about the 1058 and 1030 errors.
0
 
LVL 35

Author Comment

by:Joseph Daly
ID: 33474689
Mkline: I did take a look at that article, after reading through some of the suggestions he makes it looks like most of them do not apply to this situation. I have not yet done the dfsutil /purgemupcache command but I will try that.

Alot of the other steps in the document seem to apply to a domain controller which this is not.
0
 
LVL 35

Author Comment

by:Joseph Daly
ID: 33475437
Just tried the dfsutil command and that did not seem to resolve the issue. I kind of had a feeling that might not work because when using the %Logonserver% environment variable from the command line it pointed to the right server I was just prompted for a username/pass.

That combined with all of the other access issues is making me lean more towards a bad secure channel on this server. I also came across another person with similar issues whos cause was a bad winsock and it was resolved by using netsh winsock reset.
0
 
LVL 35

Author Closing Comment

by:Joseph Daly
ID: 33500316
So the solution to this is not really a solution at all. We were planning on upgrading to the newest version of this software next month and will be building a whole new server. All of the functions of this server still work so we are going to just decomission this when the time comes.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question