Authentication problem

G

Grant

Apologies if this goes into the wrong newsgroup.

The picture:
I installed a secondary Windows 2000 domain controller in site B. It is part
of AD and has WINS and DNS replicated to it from a domain controller in Site
A. I set up a DHCP scope, enabled and authorised it, set all the default
things the same as the primary domain controller in Site B.

The problem:
When I disable DHCP and Wins on the primary server in site B, and get an IP
address (from my workstation) from the new domain controller, suddenly I get
asked to authenticate. I cant log into Outlook anymore as it wont accept my
credentials, the log in box just keeps appearing no matter how many tmes I
enter the username and password, and if I log off, I cant log back onto the
domain again.

Temporary solution:
I had to disable DHCP and Wins on the new server and re-enable it on the
Primary server to get the situation back to normal again.

Can anyone help me here? There must be something Im missing, some obscure
checkbox in the bowels of Windows that is causing this.

Any help greatly appreciated,
Cheers,
Grant
 
G

Guest

Check the WINS settings on your client (if you haven't already) to ensure
that it points over to the new server. If a bogus entry remains from your
previous setup, in spite of the settings in your DHCP scope, it could be
directing your machine to the old WINS, which no longer exists.
 
S

Steven L Umbach

Most likely a dns problem. Make sure that your domain controllers are replicating
properly and that dns is configured correctly. I would configure the scope in the new
DHCP server to have dns entries for both domain controllers. The first in the list
would be the domain controller at the site and the second being the domain controller
at the other site. Configure your new domain controller the same way, to point first
to itself and then have the other domain controller second in the list as preferred
dns servers. Look in Event Viewer for any pertinent errors on both domain controller
and verify the dns zones on both in that they have records for each other including
the all important _srv records. You should see all the user and computer accounts in
AD Users and Computers on each domain controller. The support tools netdiag and
dcdiag can help in determining if domain controllers are configured properly and
communicating with each other. Running netdiag on your workstation when you can not
logon to the domain will probably display some errors and failed tests. My guess is
that it can not find a domain controller with the tcp/ip configuration it acquired
via DHCP. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;321708
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

VPN server without domain controller 0
Recovering PDC from Hardware Failure 1
Problem with 2003 server 1
NTP question on Windows2003 Network 3
Win2k3, DNS, DHCP, Crazy??? 2
Exchange Tabs missing in user accounts? 1
antivirus software questions 4
User authentication in windows 2000 domain failing to second domain controller 3

Top