I manage a small network. There are twelve XP machines running off of a windows 2000 server. I have worked most of the bugs from the network since I took this job in June. I have one remaining problem which is more of a source of irritation than it is a problem. I have one machine in the domain that continues to generate a netlogon error in the system log. The event ID is 5513 and it states “The computer TOM tried to connect to the server \\SERVER using the trust relationship established by the Mr. Dell domain. However, the computer lost the security identifier (SID) when the domain was reconfigured. Reestablish the trust relationship”. I have deleted the computer from the domain (at the server console) then tried to re-add it to the domain logging on the client locally as the administrator. It gets clear through the wizard, then it tells you that the server cannot perform the required action. After this is done, you go back to the console and it shows the machine Tom with a red X through it, you reset it and the red X goes away. The problem is that after this procedure, the profile (right click on the computer TOM)of the Tom machine is missing elements like the operating system, and DNS name. I have read until my eyes have crossed, and have yet to find the combination to correct this error. I now have another problem, I lost a hard drive this week on another machine. When I try to add the new replacement, will I run into the same problem? The things I have tried are Ping the NIC, the server etc.. I have also deleted the TCP/IP settings and reinstalled them, deleted mapping. I am reluctant to delete the domain profile from the XP machine. I am at my wits end.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Windows Server 2000 netlogon errors 1
- Thread starter dmz740
- Start date
-
1
- #2
The SID's are generated at time of creation of the user account on the Server. Wehn you join the domain for the FIRST time a copy is placed into the local profile on the local computer. To correct the problem I do the below.
(This is copy and pasted from one of my previous posts)
Log onto the XP workstations as a LOCAL account. Navagate to the users profiles (C:\Documents and Settings) and rename the network profile folder name (eg add a -old to the end of the folder name)
Right click on My Comp - Properties - Comp Name tab - Click on Network ID - Walk through the wizard to join the new domain
Restart.
Log onto machine with Network user name and password. XP should automatically create the account profile. If you get the error "This comp does not allow you to log on interactively" then you need to log on as the Network Admin account (at that workstation) and add the user to the user accounts manually. Logoff admin and log in as user.
Go to the C:\Documents and Settings again and look for the new user profile - just to make sure it is there.
Restart your machine
Log onto the machine as either a local user or the Network Admin user. Go to the New profile - open the folder - click on tools - View hidden files and folders. Copy the ntuser.dat.LOG TEXT file (should be 1-20 KB big). Paste this file in the old account folder. Delete the new account folder and remane the old folder EXCATLY as the new folder was call e.g.:
Old folder was goner-old
New folder was goner.network
copy dat file to goner-old
erase goner.network folder
rename goner-old to goner.network
Restart computer
Log on as netwrok user name all your settings should now have migrated. You may need to reassociate the Outlook profile as the folder name may have changed.
I know this works when you need to re attahced a Computer to a 2000 domain (ie if you SID's get dropped and you need to re join). This may not work as there was no AD in NT 4.0 so the dat text files may be incompatable.
Hope this helps
Goner05
~To most people a computer is an $1,800.00 deck of cards
(This is copy and pasted from one of my previous posts)
Log onto the XP workstations as a LOCAL account. Navagate to the users profiles (C:\Documents and Settings) and rename the network profile folder name (eg add a -old to the end of the folder name)
Right click on My Comp - Properties - Comp Name tab - Click on Network ID - Walk through the wizard to join the new domain
Restart.
Log onto machine with Network user name and password. XP should automatically create the account profile. If you get the error "This comp does not allow you to log on interactively" then you need to log on as the Network Admin account (at that workstation) and add the user to the user accounts manually. Logoff admin and log in as user.
Go to the C:\Documents and Settings again and look for the new user profile - just to make sure it is there.
Restart your machine
Log onto the machine as either a local user or the Network Admin user. Go to the New profile - open the folder - click on tools - View hidden files and folders. Copy the ntuser.dat.LOG TEXT file (should be 1-20 KB big). Paste this file in the old account folder. Delete the new account folder and remane the old folder EXCATLY as the new folder was call e.g.:
Old folder was goner-old
New folder was goner.network
copy dat file to goner-old
erase goner.network folder
rename goner-old to goner.network
Restart computer
Log on as netwrok user name all your settings should now have migrated. You may need to reassociate the Outlook profile as the folder name may have changed.
I know this works when you need to re attahced a Computer to a 2000 domain (ie if you SID's get dropped and you need to re join). This may not work as there was no AD in NT 4.0 so the dat text files may be incompatable.
Hope this helps
Goner05
~To most people a computer is an $1,800.00 deck of cards
- Thread starter
- #3
Yep, but just to clarify
Log onto the XP workstations as a LOCAL account. Navagate to the users profiles (C:\Documents and Settings) and rename the network profile folder name (eg Original folder name goner, or goner.dsn or goner.dns.000 add a -old to the end of the folder name)
Goner05
Log onto the XP workstations as a LOCAL account. Navagate to the users profiles (C:\Documents and Settings) and rename the network profile folder name (eg Original folder name goner, or goner.dsn or goner.dns.000 add a -old to the end of the folder name)
Goner05
- Thread starter
- #5
A couple of last things before I give this a spin. I have to do this early in the morning because the user of the machine is very busy during normal hours. Do I want to delete theis computer profile from the active directory before trying to reestablish this machine? The renaming of the folder to old is great, then once XP recreates the new user profile (after running the wizard), I just copy it back to the original folder and remove the old from the original folder title? Can you make me familiar with the changing of the Outlook profile? I think I know what you mean but I want to be sure. Lastly, I didn't really understand what you meant in your last paragraph, i.e. This may not work as there was no AD in NT 4.0 so the dat files may be incompatable. Just means you don't think it will work in NT 4.0? Your help is appreciated.
I should have deleted that last paragraph as it was copy and pasted from another post.
I do not make any changes to the AD on the server before I do this.
All you need out of the new profile that is created on the local machine is the dat.log TEXT file. Just copy that TEXT file into the old folder. write down the name of the folder that you copied it from (e.g goner.network) and rename the old folder to goner.network as the folder name has to be EXACTLY the same name as you copied the dat.log text file from.
As for the outlook, when it opens for the first time after doing this you may have to reassociate the outllok pst file. If the box appears to do this then just "move back" in the path until you find the folder name and just change the folder name to match the profile folder name
e.g. OLD PATH - C:\Documents and Settings\goner\Local Settings\Application Data\Microsoft\Outlook.....
NEW PATH - C:\Documents and Settings\goner.network\Local Settings\Application Data\Microsoft\Outlook.....
Sometime the Outlook profile will reassociate it self and sometimes you have to help it along so it is worth mentioning.
I do not make any changes to the AD on the server before I do this.
All you need out of the new profile that is created on the local machine is the dat.log TEXT file. Just copy that TEXT file into the old folder. write down the name of the folder that you copied it from (e.g goner.network) and rename the old folder to goner.network as the folder name has to be EXACTLY the same name as you copied the dat.log text file from.
As for the outlook, when it opens for the first time after doing this you may have to reassociate the outllok pst file. If the box appears to do this then just "move back" in the path until you find the folder name and just change the folder name to match the profile folder name
e.g. OLD PATH - C:\Documents and Settings\goner\Local Settings\Application Data\Microsoft\Outlook.....
NEW PATH - C:\Documents and Settings\goner.network\Local Settings\Application Data\Microsoft\Outlook.....
Sometime the Outlook profile will reassociate it self and sometimes you have to help it along so it is worth mentioning.
- Thread starter
- #7
- Thread starter
- #8
Goner I hope your still there. I have been unable to try this yet but the user will be out of town next Thursday and Friday so away we go. One last question, I was reading back through your instructions, which file do I want you quote a ntuser.dat.log text file. Is that the one that is actually the text document or is it the ntuser.dat file. The text file is only 1kb. Thanks again for the help.
- Thread starter
- #10
- Status
Similar threads
- Locked
- Question
- Locked
- Question
