Antwort: System Account Password

From: j.mickerts@gmx.net
Date: 11/26/01


To: Cav <Cav@hawaii.rr.com>
Subject: Antwort: System Account Password
Message-ID: <OF039337E9.6019E0F5-ONC1256B10.006D978B@gmx.net>
From: j.mickerts@gmx.net
Date: Mon, 26 Nov 2001 21:11:27 +0100

Hi,

First of all, just a few questions:
How many domain controllers do you run? If you have more than one, it might
well be a Netlogon issue (maybe the DCs are not in sync). It should not be
an issue if the client was not logged on to the network for some time. You
should check which DC is doing the authentication in case it fails and
check whether it is always the same DC. If yes, you can do a full sync of
the BDC with the netdom command supplied in the Resource Kit; maybe this
will solve the issue. If this resolves it, the DC corrupts its SAM
replica and you should investigate why this happens; typically this is a
hardware issue.

You might create a local account on the laptops with rights to change the
computer to be a member of a workgroup. If you then delete the computer
account, wait until it is removed from the Server Manager, sync the
domain, re-create the computer account, and sync the domain, it should be
possible to add the computer to the domain without providing the right to
the user to add/remove computers to/from the domain.

Kind regards,

Jens Mickerts

Cav <Cav@hawaii.rr.com>
26.11.2001 09:09

 
        To: FOCUS-MS@SECURITYFOCUS.COM
        Cc:
        Subject: System Account Password

Hi,

I administer a Windows NT4 domain and am having issues with remote dial-up
(VPN) users who travel. Occasionally, these users are going on travel and
are experiencing problems with their machine account passwords. They get
to the remote location and logon using dial-up networking and are getting
the following error message.

The system could not log you on to this domain because the system's
computer account in its primary domain is missing or the password on that
account is incorrect

The computer accounts do exist (they're added to the domain during the
standard laptop build), and so I believe these users are using their
laptops only after an extended period of non-usage, causing the machine
account passwords to be out of sync. Is this true or could it be something
else (it happens occasionally, but much less frequently to workstations on
the domain)? And the biggest question I have is how can I resolve this
issue while the user is on travel (i.e. remotely)? The users don't have
administrator access to their laptops, basically just user
access. Currently we're subjected to sending up a replacement hard drive
to the user...not a very convenient process. Any help would be
appreciated.

-Steven T.


