SID problem?

[frans]

Sorry to disturb you all, but I really need help.

One Win2000 laptop in my domain ( consisting of 10 computers ), failed to
browse the Win2000 server. It succeeded to log in to the server, it could
even open a public folder, but the user can't open his own folder ( or any
other passworded folder ).
So, it's not physical problem but password problem.

My first attack was trying to ping all ( 10 ) computers from all computers.
Some ( 5 ) of the computers can ping other computers, but fails to be
pinged. All the other computers can both ping and be pinged. Could this be
somehow related to the above problem ?

My second attack was to check the Event Viewer. The Property of Logon Error
in the System Log says that "The computer --------------- tried to connect
to the server ---------------- using the trust relationship established by
the ------------- domain. However, the computer lost the correct security
identifier ( SID ) when the domain was reconfigured. Reestablish the trust
relationship."
Could the above problem be caused by the SID problem? How should I repair
this problem?

Please kindly give me some lead or hints on how to proceed further.
Very many thanks.

frans t.

 

[Richard G. Harper]

The first thing to do would be to remove and re-add the problem computers to
the domain. If that fails you should next look at DNS settings - the client
computers within the domain should have only the domain DNS set to resolve
queries, and the domain DNS server should be forwarding all outside queries
to an outside DNS server.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[frans]

The first thing to do would be to remove and re-add the problem computers
to

How do I remove and re-add the problem computers to the domain? By shutting
them down, and restart? I already did that, to no avail. Could you give a
clearer explanation ( sorry, if I'm so dumb ), or clue as to where I could
get the info?

the domain. If that fails you should next look at DNS settings - the
client

Where should I check the DNS settings at the client computer and at the
server side? What should I check?

computers within the domain should have only the domain DNS set to resolve

How should I make the client computer to make the domain DNS set to resolve
any queries? From the problem computer, I can ping to the IP number of the
server. But, I can't ping to the server name ( the problem computer can't
resolve the name into IP number ! ). Is this the problem? How to solve it?

queries, and the domain DNS server should be forwarding all outside
queries to an outside DNS server.

How to set this and where? Give me something to study, and sorry for my
stupidity!

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Sorry to disturb you all, but I really need help.

One Win2000 laptop in my domain ( consisting of 10 computers ), failed to
browse the Win2000 server. It succeeded to log in to the server, it could
even open a public folder, but the user can't open his own folder ( or
any other passworded folder ).
So, it's not physical problem but password problem.

My first attack was trying to ping all ( 10 ) computers from all
computers. Some ( 5 ) of the computers can ping other computers, but
fails to be pinged. All the other computers can both ping and be pinged.
Could this be somehow related to the above problem ?

My second attack was to check the Event Viewer. The Property of Logon
Error in the System Log says that "The computer --------------- tried to
connect to the server ---------------- using the trust relationship
established by the ------------- domain. However, the computer lost the
correct security identifier ( SID ) when the domain was reconfigured.
Reestablish the trust relationship."
Could the above problem be caused by the SID problem? How should I repair
this problem?

Please kindly give me some lead or hints on how to proceed further.
Very many thanks.

frans t.

 

[Richard G. Harper]

Remove a PC from the domain by right-clicking "My Computer" then selecting
Properties, then the Network Identification tab. Remove the computer from
the domain by joining it to a workgroup (the workgroup does not need to
actually exist), then provide the correct Administrator account name and
password for the domain. Re-join the domain as above.

I would strongly suggest that if you have this many questions about DNS that
you need to do some serious studying on the subject. I would start here:

http://www.microsoft.com/windows2000/technologies/communications/dns/default.asp

then I would scour both http://msdn.microsoft.com/ and
http://www.microsoft.com/technet/ for DNS configuration articles and
how-tos.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

The first thing to do would be to remove and re-add the problem computers
to

How do I remove and re-add the problem computers to the domain? By
shutting them down, and restart? I already did that, to no avail. Could
you give a clearer explanation ( sorry, if I'm so dumb ), or clue as to
where I could get the info?

the domain. If that fails you should next look at DNS settings - the
client

Where should I check the DNS settings at the client computer and at the
server side? What should I check?

computers within the domain should have only the domain DNS set to
resolve

How should I make the client computer to make the domain DNS set to
resolve any queries? From the problem computer, I can ping to the IP
number of the server. But, I can't ping to the server name ( the problem
computer can't resolve the name into IP number ! ). Is this the problem?
How to solve it?

queries, and the domain DNS server should be forwarding all outside
queries to an outside DNS server.

How to set this and where? Give me something to study, and sorry for my
stupidity!

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Sorry to disturb you all, but I really need help.

One Win2000 laptop in my domain ( consisting of 10 computers ), failed
to browse the Win2000 server. It succeeded to log in to the server, it
could even open a public folder, but the user can't open his own folder
( or any other passworded folder ).
So, it's not physical problem but password problem.

My first attack was trying to ping all ( 10 ) computers from all
computers. Some ( 5 ) of the computers can ping other computers, but
fails to be pinged. All the other computers can both ping and be pinged.
Could this be somehow related to the above problem ?

My second attack was to check the Event Viewer. The Property of Logon
Error in the System Log says that "The computer --------------- tried to
connect to the server ---------------- using the trust relationship
established by the ------------- domain. However, the computer lost the
correct security identifier ( SID ) when the domain was reconfigured.
Reestablish the trust relationship."
Could the above problem be caused by the SID problem? How should I
repair this problem?

Please kindly give me some lead or hints on how to proceed further.
Very many thanks.

frans t.

 

[frans]

Remove a PC from the domain by right-clicking "My Computer" then selecting
Properties, then the Network Identification tab. Remove the computer from
the domain by joining it to a workgroup (the workgroup does not need to
actually exist), then provide the correct Administrator account name and
password for the domain. Re-join the domain as above.

I would strongly suggest that if you have this many questions about DNS
that you need to do some serious studying on the subject. I would start
here:

http://www.microsoft.com/windows2000/technologies/communications/dns/default.asp

then I would scour both http://msdn.microsoft.com/ and
http://www.microsoft.com/technet/ for DNS configuration articles and
how-tos.

OK, thank you very very much.
For the time being, I'll study that all and will return to you later on to
ask some more questions ( if I still can't tackle my problem, I mean the SID
problem ).
Thanks,

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

The first thing to do would be to remove and re-add the problem
computers to

How do I remove and re-add the problem computers to the domain? By
shutting them down, and restart? I already did that, to no avail. Could
you give a clearer explanation ( sorry, if I'm so dumb ), or clue as to
where I could get the info?

the domain. If that fails you should next look at DNS settings - the
client

Where should I check the DNS settings at the client computer and at the
server side? What should I check?

computers within the domain should have only the domain DNS set to
resolve

How should I make the client computer to make the domain DNS set to
resolve any queries? From the problem computer, I can ping to the IP
number of the server. But, I can't ping to the server name ( the problem
computer can't resolve the name into IP number ! ). Is this the problem?
How to solve it?

queries, and the domain DNS server should be forwarding all outside
queries to an outside DNS server.

How to set this and where? Give me something to study, and sorry for my
stupidity!

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


Sorry to disturb you all, but I really need help.

One Win2000 laptop in my domain ( consisting of 10 computers ), failed
to browse the Win2000 server. It succeeded to log in to the server, it
could even open a public folder, but the user can't open his own folder
( or any other passworded folder ).
So, it's not physical problem but password problem.

My first attack was trying to ping all ( 10 ) computers from all
computers. Some ( 5 ) of the computers can ping other computers, but
fails to be pinged. All the other computers can both ping and be
pinged. Could this be somehow related to the above problem ?

My second attack was to check the Event Viewer. The Property of Logon
Error in the System Log says that "The computer --------------- tried
to connect to the server ---------------- using the trust relationship
established by the ------------- domain. However, the computer lost the
correct security identifier ( SID ) when the domain was reconfigured.
Reestablish the trust relationship."
Could the above problem be caused by the SID problem? How should I
repair this problem?

Please kindly give me some lead or hints on how to proceed further.
Very many thanks.

frans t.

 

[Phillip Windell]

I would strongly suggest that if you have this many questions about DNS that
you need to do some serious studying on the subject. I would start here:

http://www.microsoft.com/windows2000/technologies/communications/dns/default.asp

I'm gonna hire you to tell all my "postees" that when it needs said. When I
do it they always have a tantrum and go on a rant about how evil I am and
how I accused them of being stupid rather than answer their question in two
sentences or less. You seem to have better luck than I do with that

 

[Richard G. Harper]

I work cheap. Plain M&Ms are all I require. <VBSEG>

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm