Logon failure, cannot alter domain controller policy

[Guest]

I'm using win 2K with 2 domain controllers, and yesterday I came in to find that none of the users could access the shared points on the 1st domain controller, and neither could the 2nd domain controller as well as none of AD being in sync with the 1st controller . The Exchange server and DNS has had no problems.

When accessing from another system I get the message " \\sever is not accessible Logon Failure: The target account name is incorrect"

After this I accessed the Group policy of the domain controllers in users and computers. I could not alter the "log on as a service" policy where I thought the problem was coming from. In the policy setting box it has "DOMAIN\administrator" and a long hex number, the type that I get when a account is not found. When I try to change this I get the error message of:
"Failed to save Failed to save \sysvol\domain\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\Machine\WindowsNT\SecEdit\GptTmpl.inf"

can anyone please help me with this...
thanks

 

[Ace Fekay [MVP]]

In

I'm using win 2K with 2 domain controllers, and yesterday I came in
to find that none of the users could access the shared points on the
1st domain controller, and neither could the 2nd domain controller as
well as none of AD being in sync with the 1st controller . The
Exchange server and DNS has had no problems.

When accessing from another system I get the message " \\sever is not
accessible Logon Failure: The target account name is incorrect"

After this I accessed the Group policy of the domain controllers in
users and computers. I could not alter the "log on as a service"
policy where I thought the problem was coming from. In the policy
setting box it has "DOMAIN\administrator" and a long hex number, the
type that I get when a account is not found. When I try to change
this I get the error message of: "Failed to save Failed to save
\sysvol\domain\policies\{6AC1786C-016F-11D2-945F-00C04FB984F9}\Machine\Windo
wsNT\SecEdit\GptTmpl.inf"

can anyone please help me with this...
thanks

Hi Rohan,

We'll need more info to help out and diagnose this for you, such as:

1. ipconfig /all from both DCs
2. ipconfig /all from one of your workstations.
3. AD domain name
4. Service Pack level
5. Event logs Event ID# error(s)

Thanks

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Matjaz Ladava [MVP]]

Can you access \\domainname\sysvol\domain\policies... from you Explorer ? Do
oyu have any errors in event log regrding replication ? If you go into AD
sites and services and try to force replication between your DC do you get
any errors ?

--

Regards

Matjaz Ladava, MCSA, MCSE, MCT, MVP
Microsoft MVP Windows Server - Active Directory
(e-mail address removed), (e-mail address removed)

 

[Guest]

thanks for relpying, and in answer to you questions

1
1st controlle

Host Name . . . . . . . . . . . . : plut
Primary DNS Suffix . . . . . . . : ASCOT-INT.CO
Node Type . . . . . . . . . . . . : Hybri
IP Routing Enabled. . . . . . . . : Ye
WINS Proxy Enabled. . . . . . . . : N
DNS Suffix Search List. . . . . . : ASCOT-INT.CO

Connection-specific DNS Suffix .
Description . . . . . . . . . . . : HP NC3163 Fast Ethernet NI
Physical Address. . . . . . . . . : 00-02-A5-AB-00-2
DHCP Enabled. . . . . . . . . . . : N
IP Address. . . . . . . . . . . . : 192.168.0.
Subnet Mask . . . . . . . . . . . : 255.255.255.
Default Gateway . . . . . . . . . : 192.168.0.25
DNS Servers . . . . . . . . . . . : 192.168.0.

2nd controller

Host Name . . . . . . . . . . . . : pluto
Primary DNS Suffix . . . . . . . : ASCOT-INT.CO
Node Type . . . . . . . . . . . . : Hybri
IP Routing Enabled. . . . . . . . : Ye
WINS Proxy Enabled. . . . . . . . : N
DNS Suffix Search List. . . . . . : ASCOT-INT.CO
Connection-specific DNS Suffix .

Description . . . . . . . . . . . : Compaq NC3163 Fast Ethernet NI
Physical Address. . . . . . . . . : 00-08-02-A1-2A-E
DHCP Enabled. . . . . . . . . . . : N
IP Address. . . . . . . . . . . . : 192.168.0.
Subnet Mask . . . . . . . . . . . : 255.255.255.
Default Gateway . . . . . . . . . : 192.168.0.25
DNS Servers . . . . . . . . . . . : 192.168.0.

2
Host Name . . . . . . . . . . . . : Mike
Primary DNS Suffix . . . . . . . : ASCOT-INT.CO
Node Type . . . . . . . . . . . . : Hybri
IP Routing Enabled. . . . . . . . : N
WINS Proxy Enabled. . . . . . . . : N
DNS Suffix Search List. . . . . . : ASCOT-INT.CO

Connection-specific DNS Suffix .
Description . . . . . . . . . . . : Intel (R) 82559 fAST eTHERNET lo
Physical Address. . . . . . . . . : 00-03-47-43-7F-8
DHCP Enabled. . . . . . . . . . . : YE
IP Address. . . . . . . . . . . . : 192.168.0.4
Subnet Mask . . . . . . . . . . . : 255.255.255.
Default Gateway . . . . . . . . . : 192.168.0.25
DHCP Server . . . . . . . . . . . : 192.168.0.
DNS Servers . . . . . . . . . . . : 192.168.0.1
Primary WINS server . . . . . . . : 192.168.0.

3) ASCOT-INT.CO

4) SP

5) 49 / 101 / 36871 / 10005 / 7013 / 5722

I can't access the policies from explorer, I get the same error. When I try to force replicate between the DC I get "the RPC server is too busy to complete this operation. I am getting errors of 13508 in the event log about replication

thank
Rohan

 

[Ace Fekay [MVP]]

See if this helps:
http://support.microsoft.com/support/kb/articles/q257/3/46.asp

Ace



In

thanks for relpying, and in answer to you questions:

1)
1st controller

Host Name . . . . . . . . . . . . : pluto
Primary DNS Suffix . . . . . . . : ASCOT-INT.COM
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ASCOT-INT.COM

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC3163 Fast Ethernet
NIC Physical Address. . . . . . . . . : 00-02-A5-AB-00-22
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.251
DNS Servers . . . . . . . . . . . : 192.168.0.1

2nd controller:

Host Name . . . . . . . . . . . . : pluto2
Primary DNS Suffix . . . . . . . : ASCOT-INT.COM
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ASCOT-INT.COM
Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Compaq NC3163 Fast
Ethernet NIC Physical Address. . . . . . . . . :
00-08-02-A1-2A-E6 DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.251
DNS Servers . . . . . . . . . . . : 192.168.0.1

2)
Host Name . . . . . . . . . . . . : Mikef
Primary DNS Suffix . . . . . . . : ASCOT-INT.COM
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ASCOT-INT.COM

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel (R) 82559 fAST
eTHERNET lom Physical Address. . . . . . . . . :
00-03-47-43-7F-85 DHCP Enabled. . . . . . . . . . . : YES
IP Address. . . . . . . . . . . . : 192.168.0.48
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.251
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Primary WINS server . . . . . . . : 192.168.0.1

3) ASCOT-INT.COM

4) SP3

5) 49 / 101 / 36871 / 10005 / 7013 / 5722 /

I can't access the policies from explorer, I get the same error. When
I try to force replicate between the DC I get "the RPC server is too
busy to complete this operation. I am getting errors of 13508 in the
event log about replication.

thanks
Rohan

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory