Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Unable to login as a new user into Windows domain 1

Status
Not open for further replies.
1LUV1T

1LUV1T

IS-IT--Management
Nov 6, 2006
231
US
Hi, I am experiencing a very odd issue. I am creating new user accounts in Active Directory (Windows 2003) as I normally do. However, when I try to login with the new account(s) I get this error:
"The system could not log you on. Make sure your user name and domain are correct, then type your password again."

I am staring at the account. I have even created test/test account and still no go. My domain controller and other server are all online and everything seems normal. What can be preventing new accounts from logging in?

 
Sort by date Sort by votes
Have you checked the local security policy on the machines (or GPO's) to see if any users are not allowed to logon to the machine interactively?

Are there any special groups your users need to be in?

Mark / TNGPicard
 
Upvote 0 Downvote
also sometimes there is a delay. I have had one not work until restart of the server. Often I just delete the user restart the server (when least used) and add it back after restart. Also I always make the new user on the main AD DC just because it seems to work smoother if I only do AD stuff on one computer.

--
-TheCloak

"You Never Know What Hits You, A Gunshot is the Perfect Way" - JFK
 
Upvote 0 Downvote
Also check the DNS and make sure your computer is pointing to the right place. make sure you can ping the server by its name and ip address

--
-TheCloak

"You Never Know What Hits You, A Gunshot is the Perfect Way" - JFK
 
Upvote 0 Downvote
Does this hapenn on all computers or just the one?
silly question i know but---Is the logon screen pointing to the local pc or the domain?

Regards
Max
Never argue with an idiot, they drag you down to their level and beat you with experience
 
Upvote 0 Downvote
I would first verify that an existing account can log onto the PC. Verify the machine is a member of the domain and as was already suggested, make sure that the workstation is pointing to your internal DNS server. Also verify that DHCP is pushing out the right DNS server information.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
Here's what I know:
Creating any new user in AD will not permit me to login as that user into our terminal server (RDP, Windows2003) nor will it let me log in on a standalone desktop to our domain. The domain is set correctly, there are no errors in DNS logs on Domain Controller, router is setting the correct DNS, and basically there have been no changes that I am aware of.

The only error evident to me is in File Replication Service on our Domain Controller, which says it is having a hard time replicating to our backup Domain Controller.

"The File Replication Service is having trouble enabling replication from DC2 to DC1 for c:\windows\sysvol\domain using the DNS name DC2.SERVER.com. FRS will keep retrying."

The only thing left to try is to reboot the servers over the weekend, however that wont explain the issue and it might not resolve it either. :(
 
Upvote 0 Downvote
AD Replication issues explain a great deal. You create a new user ID on one DC and it never replicates to the other DC. When you try to logon, you may be authenticating against the second DC which is unaware of the user.

Use NETDIAG and DCDIAG to resolve the server issues.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
It was the 'other' Domain Controller stemming from some DNS replication issues.

Thanks everybody.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
745
DrB0b
DrB0b
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
662
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
881
suncit
suncit
goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
995
goombawaho
goombawaho
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
523
antonio_dsanchez
antonio_dsanchez

Part and Inventory Search

Sponsor

Back
Top