Problems with logging into server

D

Dan

Hello,

Thanks for any help you can provide.
Situation: Windows 2000 advanced server
16 clients running xp and windows 2k. The previous
technition upgraded the server and this is what he did.
The pervious server was an NT 4.0 OS. Bought a new server,
installed windows 2k Advanced and gave it the same name as
the old server. Recreated the 16 user accounts with
identical names and passwords in ADUC. Log all the users
into the oldserver and then disconnected the old server
from the router and plugged in the new server. Shut down
each client and restarted the client connecting to the new
server. The clients came up with the same profile and
except for a few machines were able to relogin with out
trouble. The XP machines will get an error message but
after the 3rd or 4th try will log in to the network.

Error message when loging into the server on some the xp
manchines states: DNS server is down or not installed. The
rest of the machines login but there is always a net logon
error in the logs.

Any Ideas

thanks Dan
 
K

Kevin D. Goodknecht

In
Dan said:
Hello,

Thanks for any help you can provide.
Situation: Windows 2000 advanced server
16 clients running xp and windows 2k. The previous
technition upgraded the server and this is what he did.
The pervious server was an NT 4.0 OS. Bought a new server,
installed windows 2k Advanced and gave it the same name as
the old server. Recreated the 16 user accounts with
identical names and passwords in ADUC. Log all the users
into the oldserver and then disconnected the old server
from the router and plugged in the new server. Shut down
each client and restarted the client connecting to the new
server. The clients came up with the same profile and
except for a few machines were able to relogin with out
trouble. The XP machines will get an error message but
after the 3rd or 4th try will log in to the network.

Error message when loging into the server on some the xp
manchines states: DNS server is down or not installed. The
rest of the machines login but there is always a net logon
error in the logs.

Any Ideas

thanks Dan

Are all machines using only the local AD DNS server in TCP/IP properties?
If not do that, if they are please post back with an ipconfig /all from the
DC and the actual domain name in ADUC.
 
M

Michael Johnston [MSFT]

The secure channel for all these machines is now broken. The old DC held these channel but since it's no longer in the picture, the client machines
themselves will not be able to authenticate to the domain. You will need to remove these machines from the domain and add them back to reestablish the
secure channel to the DC. Make sure that the DC is running DNS. It's pointing to itself only for DNS and a forward lookup zone exists that matches the AD
domain name. Clients too will need to point to the DC only for DNS. The client's primary DNS suffix should also be updated with the AD domain name.

Thank you,
Mike Johnston
Microsoft Network Support

--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
 
D

Dan

Kevin,
There are alternate DNS settings pointing to our IPs DNS
server. Should I remove them?

Here is the IPCONFIG /All Information
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-1999 Microsoft Corp.

C:\>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : server
Primary DNS Suffix . . . . . . . : IREB.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : IREB.local

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/1000 MT Network Adapter
#2
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.10

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Cable
Disconnected
Description . . . . . . . . . . . : Intel(R)
PRO/1000 MT Network Adapter
 
K

Kevin D. Goodknecht

In
Dan said:
Kevin,
There are alternate DNS settings pointing to our IPs DNS
server. Should I remove them?

Here is the IPCONFIG /All Information
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-1999 Microsoft Corp.

C:\>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : server
Primary DNS Suffix . . . . . . . : IREB.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : IREB.local

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/1000 MT Network Adapter
#2
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.10

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Cable
Disconnected
Description . . . . . . . . . . . : Intel(R)
PRO/1000 MT Network Adapter
Having the ISP's DNS in any position will cause errors.
you should also verify in ADUC that IREB.local is the AD domain name.
For internet access: 300202 - HOW TO Configure DNS for Internet Access in
Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;300202&FR=1
 
K

Kevin D. Goodknecht

In (e-mail address removed) <[email protected]>
posted a question
Then Kevin replied below:
Kevin,

There are no alternate DNS IP in the TCP/IP settings.

From your previous post what did you mean by this?
There are alternate DNS settings pointing to our IPs DNS
server. Should I remove them?

The ipconfig for the server looks OK as long as your AD domain is IREB.local
and you have a forward lookup zone with that name.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top