Logon to Windows NT Domain Problem

[libroos]

Dear all,

Has anyone encounter this problem before?

Problem:

A new user was created in NT Server 4.0 domain. But he is only able to log in to the domain at the user workstation (Win95/98) at the first attempt.

Subsequent login was denied with the following error mesg.

"The domain password you supplied is not correct, or access your login server has been denied."

"Username cannot be found."

We have tried to log on this user at other user workstations. But still return the same error message.

We have tried to remove the NIC drivers at the user workstations but was of no help also.
We have check the UTP cables, user workstations was able to accept other user's logon but just not new users.

Could license copies be the culprit?

Anyone ideas?

Thank you.

Regards,
libroos : )

 

[ShaithisDanoveur]

Seen this problem with the user's information not having replicated to the BDC's. When you add users it takes a while to propagate to your BDC's depending on the speed of the network and the traffic. Also seen this problem when the user was added using a machine other than the PDC - until the sync is finished that user will have problems with logons.

Remember that you have to use the User Manager for Domains to add users - simply adding them to a workstation doesn't do it.

As for licenses, no, you'd simply get an error in your event log about having exceeded your allowable license count in most cases.

 

[libroos]

Dear ShaithisDanoveur,

Thank you for your keen response.. : )

It is true that we have two servers running. But this new user account was added in the PDC (NT SERVER 4.0).

The event viewer has no errors reported relating to the licensing copies. However, there is an error stating a violation of security identifier. Could it be from the license or any other security issues?

This is the error message in the event viewer:

"THE COMPUTER BONSERVER TRIED TO CONNECT TO BONSERVER USING THE TRUST RELATIONSHIP ESTABLISHED BY THE BON DOMAIN. HOWEVER, THE COMPUTER LOST THE CORRECT SECURITY IDENTIFIER (SID) WHEN THE DOMAIN WAS RECONFIGURED. REESTABLISH THE TRUST RELATIONSHIP."

I have used the ADMINSTRATIVE TOOLS --> USER MANAGER FOR DOMAINS to create the new user. After creating the new user, I went to few user workstations (installed with Windows 98 or Windows 95) to attempt to log on but was still unsuccessful and receive the below error message.

"Username cannot be found."

Please kindly advise.

Anyone penny from anyone?

Thank you.

Regards,
libroos

 

[ShaithisDanoveur]

Aha. Remove the machine from the domain, then re-add it. Because the SID associated with that machine has become pretty frelled (to coin the Farscape phrase) the trust relationship no longer exists - your PDC thinks that the machine is an impersonator.

Once you've deleted the machine from the domain and re-added it, it will receive a new SID, which should take care of the problem.

 

[libroos]

Hi,

Will installing the NT Service Pack help?

Regards,
libroos : )

 

[libroos]

Hi,

I have added one new user called "testuser".
Password is the same. However, I still get the same error message which is: "username not found"

Anyone would be able to advise more on how to reestablishing the trust relationships with my BDC?

Do I have to recreate the same account, "testuser" on the BDC as well?

Thank you.

Regards,
libroos