Improve company productivity with a Business Account.Sign Up

x
?
Solved

can not login in the morning

Posted on 2013-12-23
11
Medium Priority
?
273 Views
Last Modified: 2013-12-23
Hi,

We have a DC environment in the office, there is one pc can not be logged in every morning, keeps saying wrong password, but once reboot, it is fine, any ideas?  thx
0
Comment
Question by:mcrmg
  • 6
  • 3
  • 2
11 Comments
 
LVL 11

Expert Comment

by:Miftaul
ID: 39735992
Can you logon to the PC with local credentials and check the system Time.
0
 
LVL 15

Expert Comment

by:unknown_routine
ID: 39735993
What do you reboot? DC?
0
 

Author Comment

by:mcrmg
ID: 39735996
actually, I did not try that.  But, I just checked the time on that pc (domain login), the time is correct...thx
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 

Author Comment

by:mcrmg
ID: 39735997
I reboot PC...thanks
0
 
LVL 15

Accepted Solution

by:
unknown_routine earned 1000 total points
ID: 39736011
Something is broken here. When user sees wrong password,  go to the DC computer and reset his password and have him reboot.

Do you have only 1 DC? if you have more than one make sure replication is set up correctly DC.
0
 
LVL 11

Assisted Solution

by:Miftaul
Miftaul earned 1000 total points
ID: 39736018
Next time when the PC doesn't allow you to login using domain credential, log in using local credential and check the time.

If the local PC time and the DC time doesnt match, you cant logon. It could happen when the  BIOS battery is faulty that the system initiates to default time when first started. Rebooting is different case, as it can hold previous time, I did face similar issue before.
0
 

Author Comment

by:mcrmg
ID: 39736023
This is what I found out, it loos like the replication access was denied, but I am not sure how to fix it, can EE give me some directions...thx


C:\Users\MYPC>repadmin /showrepl

Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\MYSRV1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: b7a823a8-da25-42c6-837f-140dd8c2afbf
DSA invocationID: ffb16316-aa6a-4336-8d1c-bb7d8642c15f

==== INBOUND NEIGHBORS ======================================

DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 09:11:15 was successful.

CN=Configuration,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

CN=Schema,CN=Configuration,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

DC=DomainDnsZones,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

DC=ForestDnsZones,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.
DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.
DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.
0
 
LVL 11

Assisted Solution

by:Miftaul
Miftaul earned 1000 total points
ID: 39736032
Can you check the DNS server if there is any issues. And you are running Repadmin from an elevated command prompt, right.
0
 

Author Comment

by:mcrmg
ID: 39736049
DNS does not seem have issues.

I rebooted the second DC and ran repadmin from elevated command prompt (I didnt).  Here is the result


C:\Windows\system32>repadmin /showrepl

Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\MYSRV1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: b7a823a8-da25-42c6-837f-140dd8c2afbf
DSA invocationID: ffb16316-aa6a-4336-8d1c-bb7d8642c15f

==== INBOUND NEIGHBORS ======================================

DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 09:25:07 was successful.

CN=Configuration,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

CN=Schema,CN=Configuration,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 08:54:51 was successful.

DC=DomainDnsZones,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 09:22:42 was successful.

DC=ForestDnsZones,DC=LOCAL,DC=MY-DM,DC=COM
    Default-First-Site-Name\MYSRV2 via RPC
        DSA object GUID: d5e4877e-e259-49bf-a462-5aa0995e75c6
        Last attempt @ 2013-12-23 09:22:57 was successful.
0
 

Author Comment

by:mcrmg
ID: 39736051
Under File Replication Service, I see this on the second DC



The File Replication Service is having trouble enabling replication from MYSRV1 to MYSRV2 for c:\windows\sysvol\domain using the DNS name MYSRV1.LOCAL.MY-DM.COM. FRS will keep retrying.
 Following are some of the reasons you would see this warning.
 
 [1] FRS can not correctly resolve the DNS name MYSRV1.LOCAL.MY-DM.COM from this computer.
 [2] FRS is not running on MYSRV1.LOCAL.MY-DM.COM.
 [3] The topology information in the Active Directory Domain Services for this replica has not yet replicated to all the Domain Controllers.
 
 This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
0
 

Author Comment

by:mcrmg
ID: 39736123
I just did a test, I created a new user on DC1, and it shows up on DC2 as well.  I assume it is working somehow...
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question