Solved

Domain Login Issue

Posted on 2012-04-04
10
277 Views
Last Modified: 2012-06-08
Hi,

We using Winodws 2003 domain controllers for the domain A and Windows server 2000 domain controllers for domain B.

We have trust between domain A and B both incoming and Outgoing trust.

All the domain controllers are running fine for both the domains.

But when a user from Doamin B Logonto the domain controller/member server of Domain A with Domain B credentials then it is giving the follwoing error.


"The system could not log you on. Make sure your User name and domain are correct, then type your password again. Letters in passwords must be typed using the correct case. Make sure that Caps Lock is not accidentally on".

We have tested the trust and it is working fine. Please suggest us how to resolve this issue.

It is very urgent. Thanks in advance.
0
Comment
Question by:gaddam01
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 37806142
a) Can the user log into a PC on the the trusted domain without problems? ( could be a server restriction)
b) I assume the user IS selecting the correct domain name from the drop down on the logon screen?
0
 
LVL 10

Expert Comment

by:jmanishbabu
ID: 37806155
This is by design. The purpose of a trust relationship is to allow a user to logon to a computer in either domain but that user must specify which domain where account is located. The DC then passes the logon credential backto the domain where the user account resides. That's why you get the trustingdomain listed in the drop down list for domains on the logon screen.
0
 
LVL 10

Expert Comment

by:jmanishbabu
ID: 37806163
And also tell me if you have tested the Trust 2 ways and is that working fine .
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 10

Accepted Solution

by:
jmanishbabu earned 500 total points
ID: 37806177
Can you also check configuring forwarders of the domain name on each DC which u have configured the windows trust

netdom trust testlabs/domain:<legacyDomainName> /userD:<administrator from LegacyDomain> /passwordD: *  /verify /verbose

Type the password associated with the object user: <type the password>
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37806182
Right you still need to select DomainA in the drop down box if the user account is from Domain A. If a user account is part of DomainA then user can NOT log on in DomainB then user will allows log on into Domain A.

You can add permissions with Domain Trusts so, both domain's can access both domain's resources but the domain users will still need to authenticate too their domain
0
 

Author Comment

by:gaddam01
ID: 37806362
Hello,

I am able to select the domain which I need to Logon from the Domain drop down list. It is working fine until Yesterday. suddenly from today the Login issue came.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 37806388
So a user in Domain B remotes to a server in Domain A, puts their username from domain B in, Puts their Password from Domain B in AND selects DOMAIN B from the drop down list of servers and THEN you get that error yes?

If so I would suguest either a network issue OR a DNS Issue.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37806441
I would suggest DNS issue as well. Test your trusts again

Are you using DNS Conditional Forwarders for DNS for Domain trusts?
0
 

Author Comment

by:gaddam01
ID: 37807053
Forwarders are configured and DNS is working fine. Name resolution is happening fine. Please suggest me what else needs to be checeked?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 37807293
So, you are using Conditional Forwarders? How do you know DNS is working properly?
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question