We help IT Professionals succeed at work.

Issue login domain user

Medium Priority
446 Views
Last Modified: 2012-08-26
Hello,

I'm having problems with one of the workstations on my domain, it no longer lets anyone log in to the domain, I can only log in as a local user. this started happening without any changes being made, I can fix it doing a system restore to a few days ago but then it happens again after 1 or 2 days. I have tried on the server side to remove the computer from the list workstations for the domain, and then re adding it, also restoring the account, but none of that seems to make any difference. the error message that I get when I cant log in is: error with username or password. im using windows server 2008 and the workstation with problems has win XP sp2
any help will be much appreciated, thanks in advanced
Diego
Comment
Watch Question

Brian PiercePhotographer
CERTIFIED EXPERT
Awarded 2007
Top Expert 2008

Commented:
It sounds like the computer has lost sync with the DC - unjoin the machine from the domain, then add it back again.

Author

Commented:
Ok, I have tried removing it from the server,  and unjoined the WS from the domain. then I added both things back, dont know if I messed up something, is there a particular orden in which I have to do this?
Thanks
larry urbanDevOps Engineer

Commented:
yes, don't remove it from the server. just, from within the WS change it to be in a workgroup. Reboot, then add it to the domain again. It lost it's security cert. Probably was ofline/off the domain for more than 30 days.
Brian PiercePhotographer
CERTIFIED EXPERT
Awarded 2007
Top Expert 2008

Commented:
Demote it to a workgroup - then re-add it to the domain. This behaviour oftem occurs when a workstation has been restored/reimaged as clients maintain a computer password with the DC that they chnage every 30 days. If you restore/reimage the machine then the password is not sync'ed. The DC is expecting the new password and the client gives it the old one.

You can prevent this by setting the policy on the DC Domain Server: Refuse Machine Account Password Chnages - see http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/621.mspx?mfr=true
Hi, ive tried all of the above and it works on some WS and for some users, but then it randomly stops working and the mapped drive is again not accessible. I think the problem is that the domain controler is in one server and the shared folder is on another one, we are migrating, I think it would be best solved if I just take down the old server and have just the new one doing everything, my question then now turns to whats the easiest way to migrate all users and computers to the new server? all help is greatly appreciated.
Thanks is advanced

Author

Commented:
no one gave an answer and doing this fixed the issue

Explore More ContentExplore courses, solutions, and other research materials related to this topic.