Re: Cannot login

Hello 2Sweet,
Are staff selecting the proper domain at logon? If so, you may have a problem with your trust relationship or there is a firewall or something blocking traffic one way.

Are you getting any errors on dc's on either side of the trust?

On both sides of the trust:
Run diagnostics against your Active Directory domain.

If you don't have the support tools installed, install them from your server install disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> dnslint /ad /s "ip address of your dc"

**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's in the forest. If you have significant numbers of DC's this test could generate significant detail and take a long time. You also want to take into account slow links to dc's will also add to the testing time.

If you download a gui script I wrote it should be simple to set and run (DCDiag and NetDiag). It also has the option to run individual tests without having to learn all the switch options. The details will be output in notepad text files that pop up automagically.

The script is located on my website at http://www.pbbergs.com/windows/downloads.htm

Just select both dcdiag and netdiag make sure verbose is set. (Leave the default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.

Description and download for dnslint
http://support.microsoft.com/kb/321045



--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4


http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This posting is provided "AS IS" with no warranties, and confers no rights.



Windows 2003 Server.
I have 2 child domains named "staff" & "student". All workstations are
joined either the domain member of "staff or "student".
All along working till recently, staff user account complained that
they cannot login to workstation which is "student" domain member.
Student user account has no problem login to workstation which is
"staff" domain member.

Anyone can advice?



.

Relevant Pages

  • Re: Sky News poll - War on Terror failing miserably
    ... I worked in the nhs and the management are not fit for purpose, ... In one hospital in n east the cost for mobile phone use (Staff only) was ... because the divvies in trust hq keep altering the headed address for no ... Training courses run by hq i.e. awareness for elderly gay patients!!!! ...
    (uk.legal)
  • Here we go again---
    ... third of hospitals will have to close beds, sack staff or cut non-urgent treatment in the coming year, according to a British ... The poll revealed that three quarters of health trust directors admit to funding problems. ... The BMA first raised concerns about funding shortfalls in the NHS in a letter to Health Secretary Patrician Hewitt in August. ...
    (soc.men)
  • Re: Resetting AD Domains and Trusts
    ... probably lost the fsmo role holder, ... If you don't have the tools installed, install them from your server install ... Run dcdiag, netdiag and repadmin in verbose mode. ... I'm having problem removing Domain trust from the list. ...
    (microsoft.public.windows.server.dns)
  • Re: Very disturbing... someone please tell me this is unlawful....
    ... the same condition is a recipe for disaster and IMO the NHS is quite ... He sees his GP (primary care trust, ... ambulance to A&E (Hospitals Trust) where he's seen by a ... Many of those staff will have different methods of treatment, ...
    (uk.legal)
  • Re: Source code security - rogue developers?
    ... and if you don't trust them as a general matter then ... if you have good reason to distrust ... It's an unfortunate fact that many software thefts and security problems ... Although you should trust your staff you should be ...
    (comp.security.misc)