Solved

can not login in the morning

Posted on 2013-12-23
11
266 Views
Last Modified: 2013-12-23
Hi,

We have a DC environment in the office, there is one pc can not be logged in every morning, keeps saying wrong password, but once reboot, it is fine, any ideas?  thx
0
Comment
Question by:mcrmg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
11 Comments
 
LVL 11

Expert Comment

by:Miftaul
ID: 39735992
Can you logon to the PC with local credentials and check the system Time.
0
 
LVL 15

Expert Comment

by:unknown_routine
ID: 39735993
What do you reboot? DC?
0
 

Author Comment

by:mcrmg
ID: 39735996
actually, I did not try that.  But, I just checked the time on that pc (domain login), the time is correct...thx
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 

Author Comment

by:mcrmg
ID: 39735997
I reboot PC...thanks
0
 
LVL 15

Accepted Solution

by:
unknown_routine earned 250 total points
ID: 39736011
Something is broken here. When user sees wrong password,  go to the DC computer and reset his password and have him reboot.

Do you have only 1 DC? if you have more than one make sure replication is set up correctly DC.
0
 
LVL 11

Assisted Solution

by:Miftaul
Miftaul earned 250 total points
ID: 39736018
Next time when the PC doesn't allow you to login using domain credential, log in using local credential and check the time.

If the local PC time and the DC time doesnt match, you cant logon. It could happen when the  BIOS battery is faulty that the system initiates to default time when first started. Rebooting is different case, as it can hold previous time, I did face similar issue before.
0
 

Author Comment

by:mcrmg
ID: 39736023
This is what I found out, it loos like the replication access was denied, but I am not sure how to fix it, can EE give me some directions...thx


C:\Users\MYPC>repadmin /showrepl

Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\MYSRV1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: b7a823a8-da25-42c6-837f-140dd8c2afbf
DSA invocationID: ffb16316-aa6a-4336-8d1c-bb7d8642c15f

==== INBOUND NEIGHBORS ======================================

DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 09:11:15 was successful.

CN=Configuration,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

CN=Schema,CN=Configuration,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

DC=DomainDnsZones,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

DC=ForestDnsZones,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.
DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.
DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.
0
 
LVL 11

Assisted Solution

by:Miftaul
Miftaul earned 250 total points
ID: 39736032
Can you check the DNS server if there is any issues. And you are running Repadmin from an elevated command prompt, right.
0
 

Author Comment

by:mcrmg
ID: 39736049
DNS does not seem have issues.

I rebooted the second DC and ran repadmin from elevated command prompt (I didnt).  Here is the result


C:\Windows\system32>repadmin /showrepl

Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\MYSRV1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: b7a823a8-da25-42c6-837f-140dd8c2afbf
DSA invocationID: ffb16316-aa6a-4336-8d1c-bb7d8642c15f

==== INBOUND NEIGHBORS ======================================

DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 09:25:07 was successful.

CN=Configuration,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

CN=Schema,CN=Configuration,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

DC=DomainDnsZones,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 09:22:42 was successful.

DC=ForestDnsZones,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 09:22:57 was successful.
0
 

Author Comment

by:mcrmg
ID: 39736051
Under File Replication Service, I see this on the second DC



The File Replication Service is having trouble enabling replication from MYSRV1 to MYSRV2 for c:\windows\sysvol\domain using the DNS name MYSRV1.LOCAL.MY-DM.COM. FRS will keep retrying.
 Following are some of the reasons you would see this warning.
 
 [1] FRS can not correctly resolve the DNS name MYSRV1.LOCAL.MY-DM.COM from this computer.
 [2] FRS is not running on MYSRV1.LOCAL.MY-DM.COM.
 [3] The topology information in the Active Directory Domain Services for this replica has not yet replicated to all the Domain Controllers.
 
 This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
0
 

Author Comment

by:mcrmg
ID: 39736123
I just did a test, I created a new user on DC1, and it shows up on DC2 as well.  I assume it is working somehow...
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question