Administrator password reset - now weird AD errors

Please help. This seems to have happened after my network admin left and I changed the administrator password.

Windows cannot access the file gpt.ini for GPO cn={D50DE3AE-CEBB-41D7-A899-30FC694D30B3},cn=policies,cn=system,DC=eafg,DC=local. The file must be present at the location <\\eafg.local\SysVol\eafg.local\Policies\{D50DE3AE-CEBB-41D7-A899-30FC694D30B3}\gpt.ini>. (Logon failure: unknown user name or bad password. ). Group Policy processing aborted.
EdibleArrangementsAsked:
Who is Participating?
 
abhijitwaikarCommented:
1. Set the NIC bindings proper.
2. Check the SYSVOL , NETLOGON shares and required policies and scripts are available and on server.
3. Also DC should point itself as primary DNS.
4. Navigate to SysVol\eafg.local\Policies\{D50DE3AE-CEBB-41D7-A899-30FC694D30B3} and check proper permissions are configured on that particular policy.

Regards,
Abhijit Waikar.
0
 
Sushant GulatiConsultantCommented:
This is really important to check before drilling down and please send the ipconfig /all result

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_22799705.html

Good Luck..!!
~SG~
0
 
EdibleArrangementsAuthor Commented:
not sure what you are telling me to check.  
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

 
Sushant GulatiConsultantCommented:
When did you change the password of your network admin account? How many DCs are there?

Send me these results please..
ipconfig /all
Repadmin /showrepl
dcdiag /q
0
 
EdibleArrangementsAuthor Commented:
I have 2 DCs.  I changed it last week.

C:\Documents and Settings\Administrator.EAFG>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : EAI-DC-01
   Primary Dns Suffix  . . . . . . . : eafg.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : eafg.local

Ethernet adapter Local Area Connection 1:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #
2
   Physical Address. . . . . . . . . : 00-15-C5-5D-78-96
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.168.43
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.168.10
   DNS Servers . . . . . . . . . . . : 192.168.168.45
                                       192.168.168.43

C:\Documents and Settings\Administrator.EAFG>Repadmin /showrepl

repadmin running command /showrepl against server localhost

Default-First-Site-Name\EAI-DC-01
DC Options: IS_GC
Site Options: (none)
DC object GUID: bcc8b9f3-608e-48fc-a2bf-6fb481b2ada3
DC invocationID: 313a53a9-b6e8-4326-b4d7-c99fb0947eb6

==== INBOUND NEIGHBORS ======================================

DC=eafg,DC=local
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:59:36 was successful.
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:59:59 was successful.

CN=Configuration,DC=eafg,DC=local
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:51:26 was successful.
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:51:26 was successful.

CN=Schema,CN=Configuration,DC=eafg,DC=local
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:51:26 was successful.
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:51:26 was successful.

DC=DomainDnsZones,DC=eafg,DC=local
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:51:26 was successful.
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:51:26 was successful.

DC=ForestDnsZones,DC=eafg,DC=local
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:51:26 was successful.
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:51:26 was successful.


dcdiag brings me nothing
0
 
Sushant GulatiConsultantCommented:
Run the this from Start > run

control keymgr.dll

and see there shouldn't be any cached credentials running saved. Run the gpupdate /force and send me the errors if there are any.

Good Luck..!!
0
 
EdibleArrangementsAuthor Commented:
2.  how do i check this
3. what are the proper permissions for the {D50DE3AE-CEBB-41D7-A899-30FC694D30B3}
0
 
abhijitwaikarCommented:
1. Set the NIC bindings proper.
http://theregime.wordpress.com/2008/03/04/how-to-setview-the-nic-bind-order-in-windows/

2. Check the SYSVOL and NETLOGON shares are available and on server.
http://technet.microsoft.com/en-us/library/cc816833(WS.10).aspx

3. what are the proper permissions for the {D50DE3AE-CEBB-41D7-A899-30FC694D30B3}
http://social.technet.microsoft.com/Forums/en/winserverDS/thread/45a2bd2f-253f-4053-b6ee-762c4b9c9945

Regards,
Abhijit Waikar.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.