Re: ptwilliams?
From: Mark Renoden [MSFT] (markreno_at_online.microsoft.com)
Date: 08/01/04
- Next message: Kenny Verhaege: "Re: Is the server a DC"
- Previous message: Vee: "Re: Quick Question!"
- In reply to: Chris Hall: "Re: ptwilliams?"
- Next in thread: Chris Hall: "Re: ptwilliams?"
- Reply: Chris Hall: "Re: ptwilliams?"
- Reply: C Hall: "Re: ptwilliams?"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 2 Aug 2004 08:59:09 +1000
Hi Chris
So is this issue perhaps confined to an RDP (Terminal Services) session?
Any chance you can get someone to log onto the console at the other site and
try again just to see? Are you using the same logon and password?
I'm wondering if this might be a User Rights Assignment issue similar to (if
not the same as):
257346 "Access This Computer from the Network" User Right Causes Tools Not
to
http://support.microsoft.com/?id=257346
Have you changed any of the User Rights to non defaults for the domain,
domain controllers etc?
Kind regards
-- Mark Renoden [MSFT] Windows Platform Support Team Email: markreno@online.microsoft.com Please note you'll need to strip ".online" from my email address to email me; I'll post a response back to the group. This posting is provided "AS IS" with no warranties, and confers no rights. "Chris Hall" <chrish64@earthlink.net> wrote in message news:uZxWpDBeEHA.1356@TK2MSFTNGP09.phx.gbl... > Hi Paul, > > Hope your day or two away was for fun ;-) RDP? Is that what Term Services > uses? Didn't know... > > As per Friday, anytime I connect to this DC and try to open AD tools, I > get > the messages stated above. I had stopped by the location and tried to > reset > to the account on the DC. The command went through without a problem, I > was > able to access the tools, life was good....until I got back to the office > and tried to access those tools through TS. So, to answer your question, > the > password I tried to reset was a DC at a remote location. FWIW, we have two > DCs and will likely expand that over time. When I get into the office > tomorrow, I'll give that a shot and post the result. > > Thanks, > CH > > > "ptwilliams" <ptw2001@hotmail.com> wrote in message > news:OLqQVv$dEHA.3864@TK2MSFTNGP10.phx.gbl... >> Hi C Hall, thanks for the vote of confidence and the praise!!! I'm >> really >> chuffed!!! Sorry for the delay, I've been away for a day or two... >> >> Well, I'm glad Mark was able to help you!! I was unaware that you can't >> reset a secure channel password using RDP!! That's both interesting and >> helpful!! Thanks Mark ;-) >> >> Anyway, enough time has now passed whether needed or not. So...are you >> still getting these issues?? I assume so... And, just to clarify, what >> secret password did you reset? The DCs that's throwing the errors I > assume, >> but thought I'd best check?? >> >> On the DC that has these problems, run this: >> >> C:\>nltest /sc_query:secfedbank.com >> >> >> And post the result... >> >> >> -- >> >> Paul Williams >> _________________________________________ >> http://www.msresource.net >> >> >> Join us in our new forums! >> http://forums.msresource.net >> _________________________________________ >> >> >> "C Hall" <someone@microsoft.com> wrote in message >> news:O1uejlkdEHA.1152@TK2MSFTNGP09.phx.gbl... >> I may have spoke too soon....I just got back into the office and although >> logging into the console and getting a 'command completed successfully' >> message, when I tried to open AD tools through Terminal Servcies, I get > the >> same message as before: "Naming information cannot be located because: >> The >> logon attempt failed." >> >> Should I restart the server? Or perhaps just give it time...suggestions? >> >> >> >> "Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in message >> news:#8MEKzbdEHA.4048@TK2MSFTNGP12.phx.gbl... >> > Hi >> > >> > You got the message "The specified network password is not correct" >> because >> > you tried to do this via a Terminal Session. Try logging onto the > console >> > instead. >> > >> > Kind regards >> > -- >> > Mark Renoden [MSFT] >> > Windows Platform Support Team >> > Email: markreno@online.microsoft.com >> > >> > Please note you'll need to strip ".online" from my email address to > email >> > me; I'll post a response back to the group. >> > >> > This posting is provided "AS IS" with no warranties, and confers no >> rights. >> > >> > "C Hall" <someone@microsoft.com> wrote in message >> > news:e67JiNXdEHA.556@tk2msftngp13.phx.gbl... >> > > Mark, >> > > >> > > I tried to do this on the server (throught TS) in question and > received >> an >> > > error: The specified network password is not correct. The command > failed >> > > to >> > > complete successfully. >> > > >> > > Tried it on the other dc and received: The network path was not >> > > found. >> The >> > > command failed to complete successfully. >> > > >> > > Trying to do this with ADUC, I get the message that it's a dc and the >> > > password cannot be reset. >> > > >> > > I guess this means that I'm going to have to demote/promote the dc? >> > > >> > > "C Hall" <someone@microsoft.com> wrote in message >> > > news:es$4#4WdEHA.4004@TK2MSFTNGP10.phx.gbl... >> > >> Mark, >> > >> >> > >> You are correct, opsw2ksvr1 is the PDCe. I do have both servers >> pointing >> > > at >> > >> it as the dns server and will will reset the secure channel. The > first >> I >> > > saw >> > >> this message was 6/30 and it wasn't until the middle of this month > that >> > > it's >> > >> (the error in event viewer) been happening with any frequency. >> > >> >> > >> Thanks for your reply and I'll post back the results. >> > >> >> > >> >> > >> >> > >> "Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in > message >> > >> news:O1MqpQPdEHA.1152@TK2MSFTNGP09.phx.gbl... >> > >> > Hi >> > >> > >> > >> > Which DC is the PDCe? I'm guessing opsw2ksvr1? >> > >> > >> > >> > If so, I'd suggest: >> > >> > >> > >> > 1. Point both DC's to opsw2ksvr1 as the preferred DNS server. >> > >> > >> > >> > 2. Reset the secure channel for lexw2ksvr1: >> > >> > >> > >> > 216393 Resetting computer accounts in Windows 2000 and Windows > XP >> > >> > http://support.microsoft.com/?id=216393 >> > >> > >> > >> > If this issue has been around for some time (>60 days) you may >> > >> > need >> to >> > >> > remove lexw2ksvr1 from the domain as a DC and re-promote. If you >> think >> > >> this >> > >> > is the way you want to head, post back and I'll provide more > details. >> > >> > >> > >> > Kind regards >> > >> > -- >> > >> > Mark Renoden [MSFT] >> > >> > Windows Platform Support Team >> > >> > Email: markreno@online.microsoft.com >> > >> > >> > >> > Please note you'll need to strip ".online" from my email address >> > >> > to >> > > email >> > >> > me; I'll post a response back to the group. >> > >> > >> > >> > This posting is provided "AS IS" with no warranties, and confers >> > >> > no >> > >> rights. >> > >> > >> > >> > "C Hall" <someone@microsoft.com> wrote in message >> > >> > news:Op$cDiOdEHA.3380@TK2MSFTNGP12.phx.gbl... >> > >> > > Hi Paul, >> > >> > > >> > >> > > I've seen your posts throughout this great forum and you've > helped >> me >> > > in >> > >> > > the >> > >> > > past. I'm trying to narrow down a problem with one of my two DCs >> and >> > > was >> > >> > > hoping you could give me some pointers. I'm having problems with >> the >> > > 2nd >> > >> > > dc >> > >> > > installed in the network. A while back (June), I had run netdiag >> just >> > > as >> > >> a >> > >> > > precaution, and everything was looking fine. I started having >> > >> > > problems >> > >> > > with >> > >> > > time synch, which I was able to resolve. Afterwards, I tried to >> open >> > >> ADUC >> > >> > > and received the following message: >> > >> > > >> > >> > > Naming information cannot be located because: The logon >> > >> > > attempt >> > >> > > failed. >> > >> > > >> > >> > > I get the same message with ADSS. >> > >> > > >> > >> > > Looking at the event viewer, I saw errors in Application: >> > >> > > >> > >> > > Event Type: Error >> > >> > > Event Source: Userenv >> > >> > > Event Category: None >> > >> > > Event ID: 1000 >> > >> > > Date: 7/16/2004 >> > >> > > Time: 4:20:02 PM >> > >> > > User: NT AUTHORITY\SYSTEM >> > >> > > Computer: LEXW2KSVR1 >> > >> > > Description: >> > >> > > Windows cannot determine the user or computer name. >> > >> > > Return >> > > value >> > >> > > (1326). >> > >> > > >> > >> > > I ran netdiag and get this: >> > >> > > >> > >> > > DC list test . . . . . . . . . . . : Failed >> > >> > > [WARNING] Cannot call DsBind to lexw2ksvr1.secfedbank.com >> > >> > > (10.20.132.2). >> > >> > > [ERROR_LOGON_FAILURE] >> > >> > > >> > >> > > >> > >> > > Trust relationship test. . . . . . : Passed >> > >> > > Secure channel for domain 'SECFEDBANK' is to >> > >> > > '\\opsw2ksvr1.secfedbank.com'. >> > >> > > >> > >> > > >> > >> > > Kerberos test. . . . . . . . . . . : Failed >> > >> > > [FATAL] Kerberos does not have a ticket for LEXW2KSVR1$. >> > >> > > >> > >> > > >> > >> > > LDAP test. . . . . . . . . . . . . : Passed >> > >> > > [WARNING] Failed to query SPN registration on DC >> > >> > > 'lexw2ksvr1.secfedbank.com'. >> > >> > > [FATAL] Cannot do NTLM authenticated ldap_bind to >> > >> > > 'opsw2ksvr1.secfedbank.com': Invalid Credentials. >> > >> > > [FATAL] Cannot do Negotiate authenticated ldap_bind to >> > >> > > 'opsw2ksvr1.secfedbank.com': Invalid Credentials. >> > >> > > [WARNING] Failed to query SPN registration on DC >> > >> > > 'opsw2ksvr1.secfedbank.com'. >> > >> > > >> > >> > > >> > >> > > >> > >> > > When I installed both DCs, I was cautious as to the problems >> > >> > > that >> > >> > > misconfigured dns could cause, so everything there is correct >> (;-p). >> > >> I've >> > >> > > verified AD installation & srv records. I've googled and >> > >> > > searched >> for >> > >> > > answers on technet for LDAP errors and event id:1000, to no > avail. >> > >> > > Per >> > >> kb >> > >> > > article 329887, I've reset security configuration and that >> > >> > > didn't >> > >> > > work >> > >> > > either. At the moment, I'm reading AD Troubleshooting Chapter >> > >> > > 10, >> > > which >> > >> I >> > >> > > found on the MS website. I'm not to familiar with LDAP, which > seems >> > >> > > to >> > >> be >> > >> > > having some problems. >> > >> > > >> > >> > > If you could offer any insight, I'd greatly appreciate it! >> > >> > > >> > >> > > >> > >> > >> > >> > >> > >> >> > >> >> > > >> > > >> > >> > >> > >> >> >> > >
- Next message: Kenny Verhaege: "Re: Is the server a DC"
- Previous message: Vee: "Re: Quick Question!"
- In reply to: Chris Hall: "Re: ptwilliams?"
- Next in thread: Chris Hall: "Re: ptwilliams?"
- Reply: Chris Hall: "Re: ptwilliams?"
- Reply: C Hall: "Re: ptwilliams?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
