Domain admin password corruption/change.
Posted on 2010-11-17
I have a domain with 2 AD controllers.
Upon rebooting either controller we are not able to log into the system with the admin account.
We can change the password (to the same thing as before) on the other AD controller we can then log in.
I have enabled auditing on the system to see if something is changing the password (policy) and nothing is/has.
I have looked at the FSMO roles to find that the domain controller (operations masters) cannot be found (i.e., ERROR) upon reboot. if I force a sync, via Sites & Services, they FSMO roles return to normal.
I know that there is a misconfiguration someplace or some parts of the system are not communicating properly, however there are no DNS errors to indicate a naming issue and WINS is functioning properly.