RE: I just inherited a Windows 2k3 domain filled with NETLOGON err
- From: Manny Borges <MannyBorges@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 8 Jun 2005 12:55:13 -0700
Clustered DCs. Interesting. Not a wise expenditure of resources usually, but
interesting. I have found that with AD its easier to get more DCS and simply
design a correct site topology than to get something that is incredibly
powerful. A new proliant with 2 2.4s and four GB of ram and a nice NIC team
doesn't even blink at servicing 20k users. By all means cluster web front
ends, databases over 8GB, and other heavy hit resources. But IMHO clustering
domin controllers is a usually unneeded.
But thats beside the point.
The answer to your question, no, the new objects will not be lost. When
syncroization occurs ( I am assuming you have more DCS) then the objects will
be added to the restored dc and the previously deleted objects that have had
thier sequence numbers updated will untombstone the objects from your current
AD.
"indelljo" wrote:
> They are in the same OU, but we have added several objects since we started
> getting the errors. Won't a restore wipe out the new additions? Also, our
> DC's are in a cluster. How would this effect restore? I am new to managing
> a domain, so I appreciate the help.
>
> "Manny Borges" wrote:
>
> > One domain right? Why would you need to send anyone out?
> >
> > In any case, do an authoritative restore of the AD from a system state back
> > up that still has the acounts. If they are all in one OU then you job is
> > pretty straight foward. If not then a little more involved.
> >
> > Reboot into ad resore mode, restore a system state back up from "good" time"
> > and use the ntdsutil to mark those sequence numbers up.
> >
> > "indelljo" wrote:
> >
> > > Errors include:
> > >
> > > Evevt ID 5805
> > > The session setup from the computer computername failed to authenticate. The
> > > following error occurred:
> > > Access is denied.
> > >
> > > Event ID 5719
> > > This computer was not able to set up a secure session with a domain
> > > controller in domain domainname due to the following:
> > > There are currently no logon servers available to service the logon request.
> > > This may lead to authentication problems. Make sure that this computer is
> > > connected to the network. If the problem persists, please contact your domain
> > > administrator.
> > >
> > > Event ID 5723
> > > The session setup from computer 'computername' failed because the security
> > > database does not contain a trust account 'computername$' referenced by the
> > > specified computer.
> > >
> > > We have 30+ PC's that just dropped off the domain, their accounts are no
> > > longer in ADU&C without anyone deleting them. Is there anything I can do
> > > besides sending people out (we have 80 locations) to readd them to the domain?
.
- Follow-Ups:
- References:
- I just inherited a Windows 2k3 domain filled with NETLOGON errors
- From: indelljo
- RE: I just inherited a Windows 2k3 domain filled with NETLOGON errors
- From: Manny Borges
- RE: I just inherited a Windows 2k3 domain filled with NETLOGON err
- From: indelljo
- I just inherited a Windows 2k3 domain filled with NETLOGON errors
- Prev by Date: DHCP RELAY
- Next by Date: Re: Re-install of W2k3 won't allow activation.
- Previous by thread: RE: I just inherited a Windows 2k3 domain filled with NETLOGON err
- Next by thread: RE: I just inherited a Windows 2k3 domain filled with NETLOGON err
- Index(es):
Relevant Pages
|
