Domain logon

G

Gillies

Greetings,

Using Win2k3 R2, 1 domain, 2 DCs with DNS servers (secure). Say DC1 and
DC2. DC1 works fine and admins can logon normally. So in order to test DC2
I unplugged DC1 from the network.

Problem is nobody can logon on DC2. I just removed and reinstall AD
succesfully on DC2 using dcpromo. Still can't logon.
DC2 DNS client point to itself first then DC1. The error message I get is:

"The system can not log you on. Make sure your user name and domain are
correct then check your password again." blabla When I reconnect DC1 on the
LAN, everything is working beautifully.

Whats wrong with DC2 ???

TIA

Gillies
 
P

Paul Bergson

Run diagnostics against your Active Directory domain.

If you don't have the tools installed, install them from your server install
disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> dcdiag /e /c /v /s:DC_Name /f:c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt

If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests
without having to learn all the switch options. The details will be output
in notepad text files that pop up automagically.

The script is located in the download section on my website at
http://www.pbbergs.com

Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.

--
Paul Bergson
MCT, MCSE, MCSA, Security+, BS CSi
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
 
G

Gillies

I don't have the <SYSVOL> share present but the sysvol folder has been
created (\windows\sysvol). I uninstalled AD using dcpromo and reinstalled.
No luck. Same issue. Any idea ?

Here are the event log errors reported:

ID 1053: Windows cannot obtain the domain controler name for your computer
network. The specified domain either does not exist or could not be
contact. Group Policy processing aborted.

TIA
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

2 DC in 1 domain disaster question.. 4
Connection Objects Get Disappearing or Does Not Generate Automatic 2
Logon Server 5
Root domain controller LDAP Failure 3
NETLOGONS and SYSVOL shares missing 2
AD replication problem - Global Catalog not available 1
One server can't see the other server 12
Windows 2003 domain PDC emulator down and users unable to login 3

Top