domain logon problems

O

ocean-addict

Well-Known Member
Joined
Jun 21, 2007
Messages
194
Reaction score
0
Location
Cape Town
Today I was required to simply change a AD user account, current user left company and so a new account was needed, but the mailbox was to stay intact..

The old account was working fine, could log in no problem..

So then instead of creating a new account i just renamed the old 1 and changed all the details and exchange settings..

I then moved the client pc to the office next door, set it up, and was unable to logon using the new account, nor with any other user account, except administrator.. once in xp, i can access the server, remote into it, anything, but i am unable to get a logon service.. I thought maybe it was just that pc, but i couldnt logon from another pc in the office either, but the person that always sits their could logon to their account, so i think averybodies been logging on with cached credentials..

I know this is a real server newbie situation, but hey, im an amateur, i admit it..

thanx in advance for any help
 
Have you checked the event viewer for netlogon errors? Check on your server and client PC's if DNS settings are correct. Your Primary DNS in a basic AD network should always point to the domain controller.
 
if the dns ip is incorrect the pc won't be able to find the srv record in dns that would point it to AD.

Changing just the user attributes is a security risk as the old user had a sid and maybe have permissions set to access folders files your new user might not have/should not have rights too.

check the dhcp to see if the correct ip's are configured for your dns servers, only if your not using static ip's
 
ghalied said:
Changing just the user attributes is a security risk as the old user had a sid and maybe have permissions set to access folders files your new user might not have/should not have rights too.
Click to expand...

I think this is exactly whats happened there. :sick:
What you might try is in Admin mode, change his "owner/creator rights"...thats if you can access the files via Admin
 
Last edited:
Also, how many DC's do you have? Check that they're are updating/replicating using replmon and if encessary give each a reboot. Best way to check if the changed account is working is give it permission to logon locally to the DC and then try using it to logon to the DC.
 
the dns is correct, but i dont think the dns is workin on the server side, and all the pcs are using secondary dns (dsl router), im goin there now, so soon find out..
 
Hmm, DNS seems to sound like the main culprit here.

From what I read, all the symtoms sound like it. Cached credentials would let you log on, but refuse any user who had not logged onto that computer previously.

Check your server's event logs, and see if there's been any shut downs of any services. If you can, give the server a reboot, and watch for any strange messages during startup.

So far that's all I can think of.

Hope this helps
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X