I recently ran windows updates on my win2k DC and now I can not logon to the domain from my Nt4.0 member server. It is telling me that a domain controlelr cannot be found. Does anyone have recommended steps in troubleshooting this problem. There are 2 DCs both in Native Mode one of which is an Exchange 2000 server. Any help would be appreciated. I seem to remember that an account is created when AD is 1st installed that allows for backward compatibility. Anyone know what that account is?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Troubleshooting Authentication
- Thread starter Javamahn
- Start date
You don't need backwards compatibility to logon from a NT member server to a W2K domain (the group is called 'Pre-Windows 2000 Compatible Access' by the way). This sounds like you have a DNS or WINS problem. Check your DNS srv-records and the ipconfig on the NTserver (can you ping the DC's?), to see if it points to the right DNS server(s). Also check (just to be sure) the computer account for the NTserver.
- Thread starter
- #3
Thank you for the reply. I can ping the server from the Nt4 machine. The machine account was part of the AD domain but I removed it and tried to rejoin the NT 4 box to the domain ( Using domain\Administrator account) after moving it to a workgroup.
The Error message is "Unable to connect to thhe domain controller. Either the Username or the password is incorrect"
I have even gone to an LMHOSTS file to make sure name resolution was not a problem. A possible addtion is the fact that I can no longer logon to that DC using Terminal Srvices in Admin Mode but I can logon directly. Is there a permission or right that I have forgotten about?
The Error message is "Unable to connect to thhe domain controller. Either the Username or the password is incorrect"
I have even gone to an LMHOSTS file to make sure name resolution was not a problem. A possible addtion is the fact that I can no longer logon to that DC using Terminal Srvices in Admin Mode but I can logon directly. Is there a permission or right that I have forgotten about?
InfrArch
IS-IT--Management
- Aug 27, 2001
- 465
First of all try to ensure that your DC listens on the respective ports to which you can not connect. Use some PortScanner or simple telnet to the specific port number to accomplish this task. Are you able to map drive from your NT on your DC?
Victor K
MCSE+I;MCSE(w2k);CNE(5.1);CNE(6);CIWSP;CIWSA;Net+;CCNA;CCSE+
Victor K
MCSE+I;MCSE(w2k);CNE(5.1);CNE(6);CIWSP;CIWSA;Net+;CCNA;CCSE+
- Thread starter
- #5
I port scanned and saw Netbios and 3389 (RDP) open on the DC.
I am running DHCP,DNS & WINS on the affected DC.
The NT member server is static IP with the correct entries for DNS and WINS as well as an LMHOSTS file.
Running nbtstat -R and -c show the domain and DC correctly resolving.
I cannot map a drive on the DC using a "net use Z: \\DCNAME\SHARENAME /USER
OMAINNAME\administrator". It never prompts me for the password. The error is a semaphore timeout when I try.
I can map a share on the second DC or an application server that is in the domain from that NT4 machine.
I lost the ability for windows 98 machines ( I have only 2), The windows Nt4 server (my web server), one copier (using SMB) to be able to connect to this DC ( which of course was the 1st in the forest) as well as being able to connect to terminal servioces (Admin mode). Please any help is appreciated.
I am running DHCP,DNS & WINS on the affected DC.
The NT member server is static IP with the correct entries for DNS and WINS as well as an LMHOSTS file.
Running nbtstat -R and -c show the domain and DC correctly resolving.
I cannot map a drive on the DC using a "net use Z: \\DCNAME\SHARENAME /USER
OMAINNAME\administrator". It never prompts me for the password. The error is a semaphore timeout when I try. I can map a share on the second DC or an application server that is in the domain from that NT4 machine.
I lost the ability for windows 98 machines ( I have only 2), The windows Nt4 server (my web server), one copier (using SMB) to be able to connect to this DC ( which of course was the 1st in the forest) as well as being able to connect to terminal servioces (Admin mode). Please any help is appreciated.
InfrArch
IS-IT--Management
- Aug 27, 2001
- 465
Hmmm..interesting problem. Can you map a drive from your NT4.0 on your DC by using IP address of the DC, but not NetBIOS name? Do you see in WINS database, that NT4.0 srv is there and registered correctly as well as both DC's? Delete it from WINS database and try to reregister NT4.0 in WINS. Results - positive? Ensure, that as WINS clients defined BOTH servers : 2 DCs and NT4.0. Please, post research results.
Good luck!
Victor K
MCSE+I;MCSE(w2k);CNE(5.1);CNE(6);CIWSP;CIWSA;Net+;CCNA;CCSE+
Good luck!
Victor K
MCSE+I;MCSE(w2k);CNE(5.1);CNE(6);CIWSP;CIWSA;Net+;CCNA;CCSE+
- Thread starter
- #7
I wiped out all WINS records and rebooted the NT server. Did a nbtstat -RR and -c to check cache. I can ping the secondary server. I cannot map a drive to 10.1.1.10\shared ( the affected DC) same smeaphore timeout error. I am looking into the security settings between the 2 DCs making sure that a change was not made by a hotfix in there somewhere. Still cannot join the domain.
BTW. Thank you very much for taking the time to help.
BTW. Thank you very much for taking the time to help.
- Status
Similar threads
- Locked
- Question
- Locked
- Question