Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 353
  • Last Modified:

Win2003 AD cannot login to

have a server 2000 and a server 2003. as far as I know, server 2003 had all the master roles. I tried demoting the server 2000 but it was erroring out so I had to do a forceremoval of the ad, then deleted it from the ad on the 2003. upon demotion it told me what normally says, that it will become a member of the DOMAIN. restarted, came back up, as a member of workgroup.

when I try to join ANY server/pc now to the domain says it cannot find the domain name. first thing I checked was the DNS, triple checked it. even removed the role from the 2003, re added it, deleted the domain.com zone, re added it and nothing.

then I  tried forcing all roles to the 2003, just in case it was missing some, none of them gave any errors. 2003 ad had all the roles of the domain.  since it wasn't working still, I decided to reboot that 2003 AD, and now when it came back up and I tried logging on, it says the domain is not available. Im at a dead end road on what to do now.
0
Comptx
Asked:
Comptx
  • 6
  • 4
  • 2
  • +3
1 Solution
 
KyotokyoCommented:
I would dettach the LAN cable from the Win server and log in the system and then check the event log for the AD related errors and warnings.
0
 
KwoofCommented:
check your dhcp server.  make sure it points DNS to your main server ip.

Did I read correctly...that you cannot log into your main AD server now?

Are you running exchange internally?  If not, can you startup a new domain...maybe on 2008R2 or 2012 and move your services there?  How big is your network and what services are running on it?
0
 
SandeshdubeyCommented:
How many dc you have in env ?Have you tried DSRM mode to login try the same and check in the event log for any errors and warning and post the same.Also check the DNS pointing on DC and set as this:
Best practices for DNS client settings on DC and domain members.
http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
compdigit44Commented:
1)Are you client workstation able to log into the domain?

2) From at workstation please upload the results of the following command:
dcdiag /e /v >c:\dcdiag.txt
0
 
ComptxAuthor Commented:
I have not been able to do anything physically with the servers as I support them remotely.

they are only a really small business with about 10 employees, no exchange and only some specific programs for their business. we may just start over with them since I don't think its worth the time trying to fix it when we can redo much quickly
0
 
KwoofCommented:
I agree with the "start over" unless when you do get to their office, you can log in physically.  When I had physical servers at clients, I occasionally ran into RDP issues, but have since used the physical machine as just a host for virtuals.  It simplifies backup, recovery and the ability to remote to the actual servers by connected to the host first.  Also Server 2012 has improved vhdx files
0
 
ComptxAuthor Commented:
I use logmein for the remote control, so its a console and not an rdp session. both give out the same error logging on.
0
 
compdigit44Commented:
You never answered the question is the client workstation are still able to log into the domain or not?
0
 
ComptxAuthor Commented:
Only administrator and the previously logged in user are able to login. Different user will have the no domain error
0
 
HaslerctCommented:
Hi,

1. Boot to DSRM mode
2. Check the TCP/IP, make sure the DNS is pointing to correct + working DNS


Thanks
0
 
compdigit44Commented:
DO you have access to a VPN connection on the client site with access to a IP KVM to gain console access or access to Out-of-Band management like IMM, ILO or DRAC?
0
 
ComptxAuthor Commented:
I do not, server is 10+ years old and didn't include any fancy stuff
0
 
compdigit44Commented:
Ok, if you or someone else a remote access to a workstation computer, log in domain admin and run the dcdiag /v /e >c:\diag.txt and upload the results or talk through the process with a people on site.
0
 
ComptxAuthor Commented:
client has declined any more work to troubleshoot on their systems and opted for the option to redo their domain.

thank you all for your time
0
 
ComptxAuthor Commented:
no solution, re-did domain
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 6
  • 4
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now