NT4 Exch5.5 upgrade to W2K OS - logon error %%4294967295
From: RCC (rcc76@hotmail.com)
Date: 06/05/02
- Next message: S. Pidgorny [MVP]: "Re: CA Stand Alone Root vs Enterprise Root"
- Previous message: Eric Chamberlain: "Re: Remote connect to domain without VPN?? How to block."
- Next in thread: RCC: "Re: NT4 Exch5.5 upgrade to W2K OS - logon error %%4294967295"
- Reply: RCC: "Re: NT4 Exch5.5 upgrade to W2K OS - logon error %%4294967295"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "RCC" <rcc76@hotmail.com> Date: Wed, 5 Jun 2002 19:03:22 +1200
Hi guys
Back on the barricades with my NT4 SP6a, Exch 5.5 SP4 member server upgrade
to W2K base OS in an NT 4 domain.
Here are my latest findings.
I'd greatly appreciate any help/comments/suggestions, as MS is completely
ignoring the matter at the moment.
Here is what I did.
Got hold of a server with (almost) identical hardware as my production
machine (Dell PE 2300 dual processor with PERC2 RAID controller, which was
vital for restore). Setup a test network with this server. Added a BDC to
the network with a copy of the real domain SAM and then promoted it to a
PDC, so I could have a complete test network to play with (NT4 domain, NT4
PDC). I can have it for 6 more days, including the weekend...
Installed NT4 base OS on the PE2300 server and restored from an offline
backup I had since my last production server (failed) upgrade attempt.
Server was up and running fine.
Upgraded the machine to W2K. Suddenly all services that were logging on with
domain credentials (i.e. DOMAIN\user rather than localmachine or
localaccount) stopped working. Removed the server from the domain and
re-added it. Same problem. Services will not start, event log reports logon
error %%4294967295, which equals FFFFFFFF.
Ok, that's what I got before trying to update the production server, in two
occasions, and had to revert back to NT4 (restore from tape).
What I found:
Local security event log shows event ID 537
Event ID: 537
Type: Failure Audit
Description: Logon Failure:
Reason: An unexpected error occurred during logon
User Name: -
Domain: -
Logon Type: 5
Workstation Name: --
As far as I know
Type 2 : Console logon - interactive from the computer console
Type 3 : Network logon - network mapping (net use/net view)
Type 4 : Batch logon - scheduler
Type 5 : Service logon - service uses an account
Type 7 : Unlock Workstation
Type 2, 3 and 7 logons work fine (tested). What it bothers me is that I
cannot run ANY service as a DOMAIN user, not can I run any task in the task
scheduler as a DOMAIN user. The other weird thing is the "-" in the User,
Domain and Workstation name. I have browsed the domain and re-added the
right accounts to the services, but no joy. Works fine with local user or
localsystem accounts (well, I won't get into the Exchange that way).
There are no events showed in the security event on the domain controller
for type 4 and 5 logons, only for the other types (that work fine).
I have checked permissions on both the domain policy and the local policy on
the local machine for logon rights (locally, as service, batch, etc).
Granted every possible right to the accounts I wanted to use. Ran secedit
/refreshpolicy for both machine and user and restarted several times.
Applied the compatws and basicsw security templates. No joy.Checked the
registry entries to make sure the service account IS what I intend it to be.
As soon as I try to run a service as something else than localsystem or a
user from localsystem, I get the NT error I mentioned before (almost
immediately).
I'm kind of stuck again. I'm not sure where to look further. It looks like
the system rejects any type 4 and 5 DOMAIN account logon. Could there be a
problem with NTLM or authentication packages and protocols not following the
proper fallback order?
Please help.
Regards,
RCC
- Next message: S. Pidgorny [MVP]: "Re: CA Stand Alone Root vs Enterprise Root"
- Previous message: Eric Chamberlain: "Re: Remote connect to domain without VPN?? How to block."
- Next in thread: RCC: "Re: NT4 Exch5.5 upgrade to W2K OS - logon error %%4294967295"
- Reply: RCC: "Re: NT4 Exch5.5 upgrade to W2K OS - logon error %%4294967295"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
