Solved

Windows 2000 server DC Crash

Posted on 2014-03-26
4
229 Views
Last Modified: 2014-04-03
Hi all,

I have a Windows 2000 server that is a PDC, it has crashed with a hardware failure
Lets say the domain name is mycompany.com
Users there are logging in and are being authenticated by a BDC.
They can't see their files anymore, but that is not my priority right now

In a child domain, lw.mycompany.com I am now having user logon problems.
If a user trys to log in they get the message: "The username or password is incorrect"
If I change the password at the lw.mycompany DC to another password, it still fails.

If my login problems are being caused by the PDC failure, I don't see how.
Users in the lw.mycompany.com domain login to the lw.mycompany domain, not the mycompany.com domain

I need to get these users logged in, can someone please help?
0
Comment
Question by:permacel
  • 2
4 Comments
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 39957511
Are the DNS entries for the child domain available on the BDC?
Do you see errors in the Security or System event logs related to the failed attempts?
Have you promoted the BDC and seized the FSMO roles held by the PDC?
This is not, as you have discovered, an issue with forgotten or misremembered passwords, but the client's ability to access and pass through the credentials to the child domain.
0
 

Author Comment

by:permacel
ID: 39957537
Thanks for the quick reply.
You meantion "pass thru credentials"

I want you to be clear.
A client in the lw.mycompany.com domain is trying to login to the lw.mycompany domain
I don't think there is any pass through going on.
(If there is please explain how)

as a workaround, we have the user login locally to his PC using the local admin account
Then map a drive to the shared folders on the lw.mycompany DC using administrator creds, and it works

Does that give you any clues?
0
 
LVL 15

Accepted Solution

by:
WalkaboutTigger earned 500 total points
ID: 39957556
So the client workstation is in the child domain?
If you log in to the parent domain on this computer, does it authenticate correctly?  If so, is the logonserver environment variable set to the expected server?
In order to failure events being logged in the security event log?
hild.
By pass-through, I mean the client workstation has to determine to which server it needs to send the authentication request AND the resulting server must have the necessary AD records to authenticate the user.  It is likely getting child.domain.tld records from the BDC, but the BDC may be missing critical DNS entries required for authentication
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39957578
Hi,

1. Run the NETDOM QUERY FSMO and see the roles.
2. Run DCDIAG /V
3. Run DCDIAG /test:DNS
4. also see the event logs for errors.
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question