Solved

Windows 2003 member server unable to logon to domain or local account; access denied

Posted on 2010-08-27
9
1,191 Views
Last Modified: 2012-06-22
Windows 2003 member server had DNS error due to legacy IP of replicated server that had been isolated on a disconnected subnet for testing.  That replicated machine was physically removed before site-to-site connection restored from subnet to LAN.  Evdently, remote DNS entry for remote subnet IP came over.

I was able to update the DNS info to LAN subnet and am able ping the server by name and IP in LAN and WAN.  However, I cannot logon either as a domain user or the local Administrator because computer account not found and/or target name incorrect.  I tried a remote forced shutdown but access is denied.  Tried RDP and VNC same results.  Can see server in Windows Explorer but cannot open as target name is not correct.  Have started in Safe Mode as Last Known Good and Safe Mode with Networking with same results.  Removed from DNS and AD Computers then re-added but AD does not show DNS name in Properties.  Still pinging OK.

What else can I do to recover this production SQL/Data Dell Power Edge R900 Windows 2003 Std. R2?
0
Comment
Question by:ColdKathleen
  • 4
  • 4
9 Comments
 

Author Comment

by:ColdKathleen
ID: 33543975
New info:  when atempting a "net use" request, new error is Error 1789, trust relationship between this computer and domain has failed.
0
 
LVL 5

Expert Comment

by:jlanderson1
ID: 33544143
Use this utility to create a bootable CD/floppy.  This will allow you to reset the local administrator password.  That way you can log on to the server locally.

From there, I would change the IP Address back to something useable.
0
 
LVL 5

Accepted Solution

by:
jlanderson1 earned 450 total points
ID: 33544148
Sorry..here's the link to the utility...I have used this numerous times for XP users who don't know their local admin passwords...it also supports 2003 server.

http://pogostick.net/~pnh/ntpasswd/
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 5

Expert Comment

by:jlanderson1
ID: 33544203
Also, once you get in on the server locally, if the errors persist, I would remove from the domain and add it back.
0
 
LVL 5

Assisted Solution

by:tastas
tastas earned 50 total points
ID: 33544538
If you are know the username/password to the member server, simply unplug the network cable, and login.  It will use cache authentication.

After you have successfully login, change it to a workgroup and add it back ot the domain.
0
 

Author Comment

by:ColdKathleen
ID: 33544558
Ran the password reset utility for Administrator password, seemed to work OK and followed directions to edit password and write info back.  Still can't logon.  Will re-try while awaiting more info... if any.  Great idea, though.
0
 

Author Comment

by:ColdKathleen
ID: 33544659
2nd try failed.  Runs and says edit on Administrator complete, no error on the "save back".
0
 
LVL 5

Expert Comment

by:jlanderson1
ID: 33546282
When you try to logon locally, you don't get a bad password error, right?  What does it say again, exactly?
0
 

Author Closing Comment

by:ColdKathleen
ID: 33568150
After exhausting legitimate approaches w/ Dell and Microsoft, they advised me to reload the OS and rebuild the server.  The password hacker utilities that simulate a Win2k3 install failed due to RAID driver complications.  I even bought a USB-Floppy Drive per Dell... so after 10 hours and 35+ boots later, I ran the pogostick utility and BLANKED the password which did the trick.  

[I had run it to reset the password which claimed it worked but I never got in that way ergo the extended Dell/Microsoft support time.  I had to BLANK the password which worked.]  This utility was the solution, many thanks.

The trick of pulling the network cable and using the cached password worked when I was on phone w/ Microsoft but the tech AGAINST MY BETTER JUDGMENT insisted the cure was to unjoin the network without FIRST resolving the local admin password so I was back at square one.  But the idea was right so I tossed some points there too!
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question