?
Solved

Administrator password reset - now weird AD errors

Posted on 2011-10-03
8
Medium Priority
?
294 Views
Last Modified: 2012-05-12
Please help. This seems to have happened after my network admin left and I changed the administrator password.

Windows cannot access the file gpt.ini for GPO cn={D50DE3AE-CEBB-41D7-A899-30FC694D30B3},cn=policies,cn=system,DC=eafg,DC=local. The file must be present at the location <\\eafg.local\SysVol\eafg.local\Policies\{D50DE3AE-CEBB-41D7-A899-30FC694D30B3}\gpt.ini>. (Logon failure: unknown user name or bad password. ). Group Policy processing aborted.
0
Comment
Question by:EdibleArrangements
  • 3
  • 3
  • 2
8 Comments
 
LVL 8

Expert Comment

by:Sushant Gulati
ID: 36906116
This is really important to check before drilling down and please send the ipconfig /all result

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_22799705.html

Good Luck..!!
~SG~
0
 

Author Comment

by:EdibleArrangements
ID: 36906159
not sure what you are telling me to check.  
0
 
LVL 8

Expert Comment

by:Sushant Gulati
ID: 36906224
When did you change the password of your network admin account? How many DCs are there?

Send me these results please..
ipconfig /all
Repadmin /showrepl
dcdiag /q
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:EdibleArrangements
ID: 36906249
I have 2 DCs.  I changed it last week.

C:\Documents and Settings\Administrator.EAFG>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : EAI-DC-01
   Primary Dns Suffix  . . . . . . . : eafg.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : eafg.local

Ethernet adapter Local Area Connection 1:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #
2
   Physical Address. . . . . . . . . : 00-15-C5-5D-78-96
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.168.43
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.168.10
   DNS Servers . . . . . . . . . . . : 192.168.168.45
                                       192.168.168.43

C:\Documents and Settings\Administrator.EAFG>Repadmin /showrepl

repadmin running command /showrepl against server localhost

Default-First-Site-Name\EAI-DC-01
DC Options: IS_GC
Site Options: (none)
DC object GUID: bcc8b9f3-608e-48fc-a2bf-6fb481b2ada3
DC invocationID: 313a53a9-b6e8-4326-b4d7-c99fb0947eb6

==== INBOUND NEIGHBORS ======================================

DC=eafg,DC=local
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:59:36 was successful.
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:59:59 was successful.

CN=Configuration,DC=eafg,DC=local
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:51:26 was successful.
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:51:26 was successful.

CN=Schema,CN=Configuration,DC=eafg,DC=local
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:51:26 was successful.
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:51:26 was successful.

DC=DomainDnsZones,DC=eafg,DC=local
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:51:26 was successful.
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:51:26 was successful.

DC=ForestDnsZones,DC=eafg,DC=local
    Default-First-Site-Name\EAFG1 via RPC
        DC object GUID: 99f0c9ff-5e27-45eb-9fe8-fba45ff9b2c0
        Last attempt @ 2011-10-03 16:51:26 was successful.
    Default-First-Site-Name\EAI-DC-02 via RPC
        DC object GUID: 631c43be-51bd-4829-90e9-9ca06dc0e286
        Last attempt @ 2011-10-03 16:51:26 was successful.


dcdiag brings me nothing
0
 
LVL 8

Expert Comment

by:Sushant Gulati
ID: 36906508
Run the this from Start > run

control keymgr.dll

and see there shouldn't be any cached credentials running saved. Run the gpupdate /force and send me the errors if there are any.

Good Luck..!!
0
 
LVL 10

Accepted Solution

by:
abhijitwaikar earned 1500 total points
ID: 36907972
1. Set the NIC bindings proper.
2. Check the SYSVOL , NETLOGON shares and required policies and scripts are available and on server.
3. Also DC should point itself as primary DNS.
4. Navigate to SysVol\eafg.local\Policies\{D50DE3AE-CEBB-41D7-A899-30FC694D30B3} and check proper permissions are configured on that particular policy.

Regards,
Abhijit Waikar.
0
 

Author Comment

by:EdibleArrangements
ID: 36909353
2.  how do i check this
3. what are the proper permissions for the {D50DE3AE-CEBB-41D7-A899-30FC694D30B3}
0
 
LVL 10

Expert Comment

by:abhijitwaikar
ID: 36915012
1. Set the NIC bindings proper.
http://theregime.wordpress.com/2008/03/04/how-to-setview-the-nic-bind-order-in-windows/

2. Check the SYSVOL and NETLOGON shares are available and on server.
http://technet.microsoft.com/en-us/library/cc816833(WS.10).aspx

3. what are the proper permissions for the {D50DE3AE-CEBB-41D7-A899-30FC694D30B3}
http://social.technet.microsoft.com/Forums/en/winserverDS/thread/45a2bd2f-253f-4053-b6ee-762c4b9c9945

Regards,
Abhijit Waikar.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introducing Priority Question, our latest feature.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question