Re: win2000 pro client cannot join mixed mode ActiveDirectory after being deleted

From: Simon Geary (simon_geary_at_hotmail.com)
Date: 07/21/04 

Date: Wed, 21 Jul 2004 15:19:11 +0100

When this happens the easiest way to fix it is usually to put the computer
into a workgroup and then rejoin the domain.
You can use tools to reset the machine accounts secure channel to get it
fixed but unjoining and then rejoining the domain is just as quick to do for
a single PC.

"Derek Ragona" <derek@computinginnovations.com> wrote in message
news:%23TGeoixbEHA.556@tk2msftngp13.phx.gbl...
> A computer account was deleted from the Active Directory, but now cannot
be
> added back into the AD.
>
> When this problem first arose, there were two AD servers. The original
> Master had recently had a RAID 10 drive fail, but the drive rebuild left
> Windows 2000 server not bootable, so the Windows 2000 server OS was
> reloaded. Once loaded this server was promoted using dcpromo, and looked
to
> be working. However, it became clear once the Windows 2000 pro client was
> removed from one AD server, but the deletion did not replicate, there was
a
> problem. I found that replication issue was due because these servers are
> multi-honed and somehow not finding each other. I disabled all but one
NIC
> on each server, and removed the DNS entries for the other NIC's. It
looked
> like the AD's were connecting, but still not replicating. So I demoted
the
> reloaded server, using dcpromo hoping that with only one AD server, now
the
> client computer account could be added. While I can add the computer
> account, you cannot logon from that computer. If I delete the client
> computer account, you get the same error when trying to logon.
>
> If the computer is NOT logged on at boot, leaving the ethernet unplugged,
> then after it boots, plug the ethernet in, all domain resources are
> available as the user's account credentials are fine.
>
> I suspect there must be some old objects in the AD for the client
computer,
> or some thing else wrong.
>
> I have followed the KB articles and checked the AD and DNS setup, all
looks
> right.
>
> Any help would be appreciated. Thanks.
>
>
> Derek Ragona
> derek@computinginnovations.com
>
>

Relevant Pages

  • RE: Remote DNS Issue
    ... When a client in Office C runs the nslookup command, ... Server: dnsr1.sbc.global.net ... So she IS able to disjoin and rejoin the domain... ... is FQDN,A FQDN is a complete DNS name,Fully qualified domain name. ...
    (microsoft.public.windows.server.sbs)
  • Re: Replacing a failed SBS 2003 Machine
    ... How to properly rejoin a client workstation to an SBS 2003 Domain ... Once your new server is running you will have to join your workstations to ...
    (microsoft.public.windows.server.sbs)
  • Re: NETLOGON event id 5513
    ... > server is never going to talk to the main domain. ... > rejoin the client to this other domain and that error should go away. ... > that all the computer account and user account password changes would be ... >> production network and put it on the disaster network, ...
    (microsoft.public.win2000.active_directory)
  • Re: Duplicate MyDocuments root
    ... The problem is that I had to rebuild the server from scratch, ... Rejoin domain ... Login as USER (create root folder) logout ... > try resetting the domain computer account and rejoining it. ...
    (microsoft.public.windows.server.general)
  • Re: Problems rejoining Nt Member server to Win2003 Domain
    ... also try deleting the computer account outright. ... But now the sever will not rejoin the ... Suspect it may be a SID issue, ... WAN), and can browse okay, but server refuses to join. ...
    (microsoft.public.windows.server.general)