Re: issue accessing an AD server

From: ScottS (SSalvatore_at_lbmca.com)
Date: 06/15/04 

Date: Tue, 15 Jun 2004 17:43:42 -0400

Thank you

All the other servers are reachable by the users. The only server that is
having the issue is the restored one.

Not knowing what this means, the following items failed during the netdiag
and DCdiag.

What would be the next steps?

Global results:

Domain membership test . . . . . . : Failed

    [WARNING] Ths system volume has not been completely replicated to the
local machine. This machine is not working properly as a DC.

Trust relationship test. . . . . . : Failed

    [FATAL] Secure channel to domain 'RCAL' is broken.
[ERROR_NO_TRUST_SAM_ACCOUNT]

Kerberos test. . . . . . . . . . . : Failed

        [FATAL] Kerberos does not have a ticket for SPEAKER$.

------------------------------------------------

DC Diagnosis

Performing initial setup:

   [speaker] LDAP bind failed with error 31,

   A device attached to the system is not functioning..

"Steven L Umbach" <n9rou@nscomcast.net> wrote in message
news:OeIzc.59193$Sw.2529@attbi_s51...
> You can reset local security settings to default defined levels as
described
> in the link below. However on a domain controller, Domain Controller
> Security Policy will override user rights assignments. The second link
shows
> how to restore Domain Controller Security Policy user rights to default or
> otherwise modify it.
>
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;313222
> http://support.microsoft.com/?kbid=267553
>
> Having said that, I think your problem is not with security policy, but
> probably due to the fact that your computer accounts may have been
corrupted
> or the comuter passwords on the backup have expired. I would first install
> the support tools on your domain controller and a domain member from the
> install disk under support/tools where you will need to run setup or the
> .msi package there. The run first netdiag and then dcdiag on your domain
> controller looking for failed tests/fatal errors particularly in regards
to
> dns, domain membership, dclist, and trust relationship. If all looks well
> for the dc, run netdiag on a domain member that is experiencing problems
> looking for the same. You may simply need to rejoing the computers to the
> domain or otherwise try to reset their accounts using netdom which may be
> easier but does not always work. If you find a lot of problems with the
dc,
> look in Event Viewer for event ID error numbers and search the Knowledge
> Base or http://eventid.net for what you find. --- Steve
>
> http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B216393
>
> "ScottS" <SSalvatore@lbmca.com> wrote in message
> news:#P2PBNwUEHA.712@TK2MSFTNGP11.phx.gbl...
> > Hi
> >
> > I have an issue accessing an AD server; do to hardware failure I needed
to
> > restore the server from tape. Veritas BE was unable to restore the
sysvol
> > share point, but it did restore the files and folders. I created the
share
> > and right however as an end user I cannot logon to the server. When I
> browse
> > the network places to the server I cannot access the server. I receive
the
> > error Logon failure: the target account name is incorrect. This happens
as
> > the admin as well.
> >
> >
> >
> > I feel it could be a permission issue. Can anyone tell me how to reset
the
> > security permission on an AD server? I want to set them to the same
level
> as
> > it would be after you promote the server to an AD I know its doable I
jus
> > went brain dead on the syntax.
> >
> >
> >
> > I posted this in the
> >
> >
> >
> > Thanks
> >
> > Scott
> >
> >
>
>

Relevant Pages

  • Domain Controller Security Policy errors
    ... Security Policy or the Domain Controller Security Policy. ... The DC is also a print and file server. ... The domain controller for Group Policy operations is not available. ...
    (microsoft.public.win2000.active_directory)
  • Re: issue accessing an AD server
    ... You can reset local security settings to default defined levels as described ... However on a domain controller, ... Security Policy will override user rights assignments. ... > restore the server from tape. ...
    (microsoft.public.win2000.security)
  • Re: Disaster Recovery Site Restoring AD
    ... or where I can restore an up to date AD backup. ... We are not going to be able to setup a replication to the ... We have rebuilt a new server off our domain with similar specs. ... We restored the entire backup of the main domain controller to the ...
    (microsoft.public.windows.server.active_directory)
  • Re: Disaster Recovery Site Restoring AD
    ... or where I can restore an up to date AD backup. ... We are not going to be able to setup a replication to the ... We have rebuilt a new server off our domain with similar specs. ... We restored the entire backup of the main domain controller to the ...
    (microsoft.public.windows.server.active_directory)
  • Re: Local policy does not allow interactive login
    ... I am not sure what the exact problem is but if the server you took offline was a ... you are in native mode as shown in Active Directory Users and Computers. ... fsmo domain controller as their preferred dns server in tcp/ip properties as shown by ... The fact that you can not access Domain Security Policy may be due to the fact that ...
    (microsoft.public.win2000.group_policy)