Re: Cannot change passwords on one domain controller



Hello tom,

You configured your domain not the best way. Using clusters as DC is as Marcin mentioned not the best solution, also multihoming not. Are both DC's global catalog servers and DNS servers, a must with only cluster servers as DC? Also SQL should better run on member servers, not on DC's.

See also here:
http://msmvps.com/blogs/clusterhelp/archive/2008/02/12/domain-controllers-as-cluster-nodes-bad-idea.aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


Detals on our configare below:

I've seen this elsewhere in the forums, but no answer, so I thought
I'd try again. I have two W2K3 (Sp2) Enterprise Edition servers in a
cluster (SQLA and SQLB) nosting AD for my organization. Both are
domain controllers. The machines see each other, I can move the
cluster resources back and forth, no problem.

The issue is, on SQLB I cannot change user passwords or add new users.
If I try and add a user, after entering the password I get a dialog
box titles Active Directory that says: An error occured. Contact your
system administrator.

If I try to change the password for an existing user, I get a dialog
titled Active Directory that says: Windows cannot complete the
password change for TestUser2 because: The system cannot find the file
specified.

This started happening in the past 2 weeks, before that all was fine.
I always use SQLB for administration, I would have noticed it earlier.
I have tried setting SQLB as the RID master, no change. I can add new
users and set passwords for existing users on SQLA.

SQL Server 2003 Enterprise Edition, Service Pack 2
Two Servers, clustered, both as Domain controllers
Ip Config /all output
Windows IP Configuration
Host Name . . . . . . . . . . . . : SQLB
Primary Dns Suffix . . . . . . . : AD.xxx
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : AD.xxx
Ethernet adapter Public:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 F Server
Adapter
Physical Address. . . . . . . . . : 00-03-47-73-TT-QQ
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 2xx.xx.198.48
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 2xx.23.xx8.50
DNS Servers . . . . . . . . . . . : 2xx.23.xx8.47
2xx.23.xx8.48
Ethernet adapter Private(1):
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7781 Gigabit Server
Adapter
Physical Address. . . . . . . . . : 00-0E-7F-F1-TT-QQ
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.2
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled


.



Relevant Pages