Re: My domain account is upsetting me

From: Herb Martin (news_at_LearnQuick.com)
Date: 01/08/05

  • Next message: Chema Alonso MS MVP: "Eventos de seguridad [copiado de es.seguridad]"
    Date: Sat, 8 Jan 2005 03:31:55 -0600
    
    

    "Rene" <nospam@nospam.com> wrote in message
    news:O5u1NFU9EHA.2552@TK2MSFTNGP09.phx.gbl...
    > You got it!! It was that DNS thing that was causing all this problems,
    > everything is working fine now, even my logon time went from somewhere
    > around 2 minutes to about 10 seconds.

    Good, that makes it fun when the suggestion
    works right away.

    > The thing that gets me is the partial problem, I thought that I had
    > everything configured right because I was successfully logging to the
    server
    > and able to browse files, print documents etc. I would have preferred that
    > nothing worked from the begging that way I could have tackled the problem
    > and not move forward until everything was working 100% and not 50%.

    Yes, intermittant or partial problems are much harder
    to troubleshoot (usually) than complete failure.
    >
    > Anyway, its working fine now and I can continue testing my program against
    > the server. Thanks for everything.

    You're welcome -- pass it on to others.

    -- 
    Herb Martin
    >
    >
    >
    > "Herb Martin" <news@LearnQuick.com> wrote in message
    > news:u2UaEtS9EHA.3416@TK2MSFTNGP09.phx.gbl...
    > > "Rene" <nospam@nospam.com> wrote in message
    > > news:uCrDSoQ9EHA.3076@TK2MSFTNGP15.phx.gbl...
    > >> I am a Visual Studio .Net developer and currently log on to my local
    > >> computer as an Administrator.
    > >
    > > Been there...
    > >
    > >> To accomplish the above, I basically added my *Domain* account (Server
    > > 2003)
    > >> to my Local Administrator group (Windows XP professional) using the
    > > "Network
    > >> Identification Wizard". This was done easily (*with the wizard*)
    > >>
    > >>
    > >> Now, I want to change my evil ways and logon as a restricted user
    because
    > > I
    > >> realize that there is no justification not to do so. The problem is
    that
    > >> when I try to add my *Domain* user name to local groups I get the
    stupid
    > >> dialog telling me that my domain user account does not exists!! I try
    to
    > >> enter it as "MyDomain\MyUserName" and nothing. What's going on??? Why
    > > are't
    > >> the domain accounts listed???
    > >
    > > Probably due to your machine not authenticating with
    > > a DC -- you would still get on with cached credentials
    > > (if you had ever done it successfully once.)
    > >
    > > Most likely cause is a DNS issue...but if not that it
    > > is still likely an authentication problem.
    > >
    > > It could be something on the Domain (Admin) side so
    > > you may not be able to fix it, but make sure you computer
    > > uses ONLY the internal DNS server set and that
    > > no one  (harumph!) has changed the NIC->IP properties
    > > to point to  External DNS servers or even a mixture of
    > > External/Internal.
    > >
    > > Here's the full story but you may need an admin to check
    > > the server side:
    > >
    > > DNS for AD
    > >    1) Dynamic for the zone supporting AD
    > >    2) All internal DNS clients NIC\IP properties must specify SOLELY
    > >        that internal, dynamic DNS server (set.)
    > >    3) DCs and even DNS servers are DNS clients too -- see #2
    > >
    > > Restart NetLogon on any DC if you change any of the above that
    > > affects a DC and/or use:
    > >
    > >    nltest /dsregdns /server:DC-ServerNameGoesHere
    > >
    > > Ensure that DNS zones/domains are fully replicated to all DNS
    > > servers for that (internal) zone/domain.
    > >
    > > Also useful may be running DCDiag on each DC, sending the
    > > output to a text file, and searching for FAIL, ERROR, WARN.
    > >
    > > Single Lable domain zone names are a problem Google:
    > > [ "SINGLE LABEL"  domain names DNS 2000 | 2003 microsoft: ]
    > >
    > > -- 
    > > Herb Martin
    > >
    > >
    > >>
    > >>
    > >>
    > >> Pleas help me!!!!
    > >>
    > >>
    > >
    > >
    >
    >
    

  • Next message: Chema Alonso MS MVP: "Eventos de seguridad [copiado de es.seguridad]"

    Relevant Pages

    • Issues migrating SBS 2003 domain to Server 2008 Standard
      ... We are stuck migrating our SBS 2003 domain to Server 2008. ... Fatal Error:DsGetDcName (SRV-EXCH) call failed, ... Verify your Domain Name Sysytem (DNS) is ... network connectivity to a domain controller. ...
      (microsoft.public.windows.server.sbs)
    • Re: AD management snap in cannot find DC (netdiag /v workstation)
      ... The name.local entries are used by my apache server to implement ... change button, more button, the "Primary DNS suffix of this ... Attr: subschemaSubentry ... Owner of the binding path: ...
      (microsoft.public.windows.server.active_directory)
    • Re: AD management snap in cannot find DC (netdiag /v workstation)
      ... button, more button, the "Primary DNS suffix of this computer", it should ... The Security System could not establish a secured connection with the server ... Attr: subschemaSubentry ... Owner of the binding path: ...
      (microsoft.public.windows.server.active_directory)
    • Re: RAM needed for DHCP + router?
      ... how do I estimate the amount of RAM the machine will need? ... DHCP leases and DNS resolution from a single FreeBSD server. ... Configuring BIND to offer internal DNS resolution ...
      (freebsd-questions)
    • Re: AD management snap in cannot find DC (netdiag /v workstation)
      ... DNS Host Name: tonyb-pc.imageproc.imageproc.com ... Testing IpConfig - pinging the DHCP Server... ... Attr: subschemaSubentry ... Owner of the binding path: ...
      (microsoft.public.windows.server.active_directory)