Trouble with active directory Users and Computers Snap-in

[Bobby]

I had recently installed 3 servers with windows 2000 advanced. Now the
first one SERV1 was installed first with DNS and I did everything that
a tutorial said to do which was to point the dns towards the server
which would be used as a DNS server, which worked just fine. I created
the domain name and everything. Then I installed the second server
SERV2 which I installed a child domain underneath SERV1, this worked
fine with no probs. Then finally I installed the third server SERV3
with AD installing a child root under SERV1 now all the servers DNS
points towards SERV1. I installed exchange server on SERV3 and again
everything worked fine. Now my girlfriend who is taking some WIN2000
classes wanted to help so I course let her, her class was learning
Trusts, now under SERV3 and SERV1 she created a trust that didnt go
through kept giving her messages saying "Unable to Locate SERV1"
something in that matter, anyways after that SERV1 and SERV3 cant
access any AD snapin such as User and Computers nor Trusts, the
message comes up
"Naming information cannot be located because: No authority could be
contacted for authentication."
SERV2 can go in there just fine but not the other ones. I tried 3
diffrent fixes
1,A step by step fix that had me go into REGEDT32 and cut and paste
the binary code to another value which ended up not working
2,NETDIAG /FIX which still didnt fix nothing.
3,Was to try to repair the security on SERV1 by doing Secedit
configure and so forth.

Now I dont know what else to do. All servers have the same password
and all are all time synced (someone said that might be the prob with
the time). All servers have SP4. When trying to connect to SERV1, and
SERV3 via network neighborhood it says "No logon servers were
located". I tried to restart Netlogon service as well as the DNS
service with no luck

Do i have to reset the password or sync the passwords? If so how do i
do that?

Thank you

 

[Herb Martin]

I had recently installed 3 servers with windows 2000 advanced. Now the
first one SERV1 was installed first with DNS and I did everything that
a tutorial said to do which was to point the dns towards the server
which would be used as a DNS server, which worked just fine. I created
the domain name and everything. Then I installed the second server
SERV2 which I installed a child domain underneath SERV1,

Actually it would be a child domain of the FIRST doamin (created by
Serv1 presumably.)

this worked
fine with no probs. Then finally I installed the third server SERV3
with AD installing a child root

Child and Root are mutually exclusive terms. The root is by definition
a child of no other domain. Presumably you mean a child of the second
domain.

under SERV1 now all the servers DNS
points towards SERV1.

So Serv1 is your only DNS server? Unusual but legal, and it
does avoid some rather common problems.

I installed exchange server on SERV3 and again
everything worked fine. Now my girlfriend who is taking some WIN2000
classes wanted to help so I course let her, her class was learning
Trusts, now under SERV3 and SERV1 she created a trust that didnt go
through kept giving her messages saying "Unable to Locate SERV1"

External Trusts are dependent on NetBIOS names -- if all these servers
are on the same subnet that should not be a problem, but if separated
by routers then WINS server will be (practically) required.

Only Shortcut trusts can be created within the same forest.

something in that matter, anyways after that SERV1 and SERV3 cant
access any AD snapin such as User and Computers nor Trusts, the
message comes up

But you said earlier, that everything was fine -- chance are you still
have DNS problems.

"Naming information cannot be located because: No authority could be
contacted for authentication."
SERV2 can go in there just fine but not the other ones. I tried 3
diffrent fixes
1,A step by step fix that had me go into REGEDT32 and cut and paste
the binary code to another value which ended up not working

We cannot diagnose such vague descriptions and it doesn't SOUND
like the fix to such problems as you are having.

2,NETDIAG /FIX which still didnt fix nothing.

DCDiag /FIX would have a better chance since you likely have DC
issues -- and most of those are going to be DNS really.

3,Was to try to repair the security on SERV1 by doing Secedit
configure and so forth.

We have no idea WHAT you might have done hear. It is fairly
easy to make a server completely unusuable with that tool.

Now I dont know what else to do. All servers have the same password
and all are all time synced (someone said that might be the prob with
the time). All servers have SP4. When trying to connect to SERV1, and
SERV3 via network neighborhood it says "No logon servers were
located". I tried to restart Netlogon service as well as the DNS
service with no luck

Start with DCDiag on every DC (presumably Serv1-3)

Make sure of the following:

DNS
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2

Restart NetLogon on any DC if you change any of the above that
affects a DC.

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Do i have to reset the password or sync the passwords? If so how do i
do that?

No.