If I'm logged into the domain, via the XP pro, under a user with full admin rights and I go to control panel >> System >> Advanced >> Settings (User profiles) I have two accounts:
1) the local system admin account and
2) the domain 'SANTA' user account that also has local machine admin rights
When I click the 'Change type' button 'Roaming profile' is greyed out so I'm unable to select a roaming profile for either user.
The other thing that's strange is that I can't add a new domain user to the same XP machine (which already has one registered domain user) even when I'm already logged into the domain. I get the error:
-----------------------
"The user could not be added because the following error occured:
The trust relationship between this workstation and the primary domain failed"
-----------------------
I'm using Windows 2003 Enterprise on one machine and XP pro on another connected at home on a LAN in order for me to do some tests on a XP / W2K3 Server development environment.
I've managed to setup a local domain, with one a DC
I have only one DNS server running
Active directory integrated
DHCP disabled
Client: Windows XP Professional
Server: Windows 2003 Enterprise
Computers are connected wirelessly via router/modem
I can log into the domain from the client and server machine
I can remotely access the server via terminal services.
So far I can pretty much do everything I need to do but for setting up roaming profiles and the problem of adding an additional domain user to the xp client.
The annoying thing is that all the info I've read about how to set up roaming profiles has said that it's easy...I'm pulling my hair out over the thing!
I have a feeling that it might not be something I'm doing (procedures to set up roaming profiles) but something I might have done (or not done), regarding setting up the server, that could be preventing me from having roaming profiles.
Could the problem be some something to do with the NETLOGON error message produced on the server?
SERVER system event logs
shows the following error:
------------------------------
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5723
Date: 27/09/2005
Time: 09:59:24
User: N/A
Computer: DESKTOP-1500
Description:
The session setup from computer 'laptop1' failed because the security database does not
contain a trust account 'laptop1$' referenced by the specified computer.
USER ACTION
If this is the first occurrence of this event for the specified computer and account, this
may be a transient issue that doesn't require any action at this time. Otherwise, the
following steps may be taken to resolve this problem:
If 'laptop1$' is a legitimate machine account for the computer 'laptop1', then 'laptop1'
should be rejoined to the domain.
If 'laptop1$' is a legitimate interdomain trust account, then the trust should be recreated.
Otherwise, assuming that 'laptop1$' is not a legitimate account, the following action should
be taken on 'laptop1':
If 'laptop1' is a Domain Controller, then the trust associated with 'laptop1$' should be
deleted.
If 'laptop1' is not a Domain Controller, it should be disjoined from the domain.
------------------------------
CLIENT system event logs
show (in order of appearance since last reboot):
------------------------------
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 27/09/2005
Time: 10:11:55
User: N/A
Computer: laptop1
Description:
The Security System could not establish a secured connection with the server
DNS/prisoner.iana.org. No authentication protocol was available.
------------------------------
------------------------------
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5721
Date: 27/09/2005
Time: 10:14:22
User: N/A
Computer: laptop1
Description:
The session setup to the Windows NT or Windows 2000 Domain Controller
\\desktop-1500.santa.homedomain for the domain SANTA failed because the Domain Controller
does not have an account for the computer laptop1.
------------------------------
------------------------------
Event Type: Information
Event Source: Tcpip
Event Category: None
Event ID: 4201
Date: 27/09/2005
Time: 10:23:33
User: N/A
Computer: laptop1
Description:
The system detected that network adapter Wireless-G...Adapter - Packet Scheduler Miniport
was connected to the network, and has initiated normal operation over the network adapter.
------------------------------
------------------------------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 18
Date: 27/09/2005
Time: 10:26:03
User: N/A
Computer: laptop1
Description:
The time provider NtpClient failed to establish a trust relationship between this computer
and the santa.homedomain domain in order to securely synchronize time. NtpClient will try
again in 30 minutes. The error was: The trust relationship between this workstation and the
primary domain failed. (0x800706FD)
------------------------------
------------------------------
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 27/09/2005
Time: 10:26:03
User: N/A
Computer: laptop1
Description:
The time provider NtpClient is configured to acquire time from one or more time sources,
however none of the sources are currently accessible. No attempt to contact a source will
be made for 29 minutes. NtpClient has no source of accurate time.
------------------------------
------------------------------
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 27/09/2005
Time: 10:26:03
User: N/A
Computer: laptop1
Description:
The time provider NtpClient is configured to acquire time from one or more time sources,
however none of the sources are currently accessible. No attempt to contact a source will
be made for 29 minutes. NtpClient has no source of accurate time.
------------------------------
------------------------------
Event Type: Warning
Event Source: BROWSER
Event Category: None
Event ID: 8021
Date: 27/09/2005
Time: 10:38:22
User: N/A
Computer: laptop1
Description:
The browser was unable to retrieve a list of servers from the browser master \\DESKTOP-1500
on the network \Device\NetBT_Tcpip_{918F5798-7E15-4A91-AA89-1B83B50A334A}. The data is the
error code.
------------------------------
------------------------------
Event Type: Error
Event Source: BROWSER
Event Category: None
Event ID: 8032
Date: 27/09/2005
Time: 10:40:24
User: N/A
Computer: laptop1
Description:
The browser service has failed to retrieve the backup list too many times on transport
\Device\NetBT_Tcpip_{918F5798-7E15-4A91-AA89-1B83B50A334A}. The backup browser is stopping.
------------------------------
I'd appreciate any help you can provide.
1) the local system admin account and
2) the domain 'SANTA' user account that also has local machine admin rights
When I click the 'Change type' button 'Roaming profile' is greyed out so I'm unable to select a roaming profile for either user.
The other thing that's strange is that I can't add a new domain user to the same XP machine (which already has one registered domain user) even when I'm already logged into the domain. I get the error:
-----------------------
"The user could not be added because the following error occured:
The trust relationship between this workstation and the primary domain failed"
-----------------------
I'm using Windows 2003 Enterprise on one machine and XP pro on another connected at home on a LAN in order for me to do some tests on a XP / W2K3 Server development environment.
I've managed to setup a local domain, with one a DC
I have only one DNS server running
Active directory integrated
DHCP disabled
Client: Windows XP Professional
Server: Windows 2003 Enterprise
Computers are connected wirelessly via router/modem
I can log into the domain from the client and server machine
I can remotely access the server via terminal services.
So far I can pretty much do everything I need to do but for setting up roaming profiles and the problem of adding an additional domain user to the xp client.
The annoying thing is that all the info I've read about how to set up roaming profiles has said that it's easy...I'm pulling my hair out over the thing!
I have a feeling that it might not be something I'm doing (procedures to set up roaming profiles) but something I might have done (or not done), regarding setting up the server, that could be preventing me from having roaming profiles.
Could the problem be some something to do with the NETLOGON error message produced on the server?
SERVER system event logs
shows the following error:
------------------------------
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5723
Date: 27/09/2005
Time: 09:59:24
User: N/A
Computer: DESKTOP-1500
Description:
The session setup from computer 'laptop1' failed because the security database does not
contain a trust account 'laptop1$' referenced by the specified computer.
USER ACTION
If this is the first occurrence of this event for the specified computer and account, this
may be a transient issue that doesn't require any action at this time. Otherwise, the
following steps may be taken to resolve this problem:
If 'laptop1$' is a legitimate machine account for the computer 'laptop1', then 'laptop1'
should be rejoined to the domain.
If 'laptop1$' is a legitimate interdomain trust account, then the trust should be recreated.
Otherwise, assuming that 'laptop1$' is not a legitimate account, the following action should
be taken on 'laptop1':
If 'laptop1' is a Domain Controller, then the trust associated with 'laptop1$' should be
deleted.
If 'laptop1' is not a Domain Controller, it should be disjoined from the domain.
------------------------------
CLIENT system event logs
show (in order of appearance since last reboot):
------------------------------
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 27/09/2005
Time: 10:11:55
User: N/A
Computer: laptop1
Description:
The Security System could not establish a secured connection with the server
DNS/prisoner.iana.org. No authentication protocol was available.
------------------------------
------------------------------
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5721
Date: 27/09/2005
Time: 10:14:22
User: N/A
Computer: laptop1
Description:
The session setup to the Windows NT or Windows 2000 Domain Controller
\\desktop-1500.santa.homedomain for the domain SANTA failed because the Domain Controller
does not have an account for the computer laptop1.
------------------------------
------------------------------
Event Type: Information
Event Source: Tcpip
Event Category: None
Event ID: 4201
Date: 27/09/2005
Time: 10:23:33
User: N/A
Computer: laptop1
Description:
The system detected that network adapter Wireless-G...Adapter - Packet Scheduler Miniport
was connected to the network, and has initiated normal operation over the network adapter.
------------------------------
------------------------------
Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 18
Date: 27/09/2005
Time: 10:26:03
User: N/A
Computer: laptop1
Description:
The time provider NtpClient failed to establish a trust relationship between this computer
and the santa.homedomain domain in order to securely synchronize time. NtpClient will try
again in 30 minutes. The error was: The trust relationship between this workstation and the
primary domain failed. (0x800706FD)
------------------------------
------------------------------
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 27/09/2005
Time: 10:26:03
User: N/A
Computer: laptop1
Description:
The time provider NtpClient is configured to acquire time from one or more time sources,
however none of the sources are currently accessible. No attempt to contact a source will
be made for 29 minutes. NtpClient has no source of accurate time.
------------------------------
------------------------------
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 27/09/2005
Time: 10:26:03
User: N/A
Computer: laptop1
Description:
The time provider NtpClient is configured to acquire time from one or more time sources,
however none of the sources are currently accessible. No attempt to contact a source will
be made for 29 minutes. NtpClient has no source of accurate time.
------------------------------
------------------------------
Event Type: Warning
Event Source: BROWSER
Event Category: None
Event ID: 8021
Date: 27/09/2005
Time: 10:38:22
User: N/A
Computer: laptop1
Description:
The browser was unable to retrieve a list of servers from the browser master \\DESKTOP-1500
on the network \Device\NetBT_Tcpip_{918F5798-7E15-4A91-AA89-1B83B50A334A}. The data is the
error code.
------------------------------
------------------------------
Event Type: Error
Event Source: BROWSER
Event Category: None
Event ID: 8032
Date: 27/09/2005
Time: 10:40:24
User: N/A
Computer: laptop1
Description:
The browser service has failed to retrieve the backup list too many times on transport
\Device\NetBT_Tcpip_{918F5798-7E15-4A91-AA89-1B83B50A334A}. The backup browser is stopping.
------------------------------
I'd appreciate any help you can provide.
