Re: Can't logon from workstation as Administrator
- From: KJPino <KJPino@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 10 Feb 2006 03:31:28 -0800
I was just reading your posts and seeing that you said you have a login
problem from all workstations as Administrator - which could indicate a
corrupt profile - I wondered ifyou maybe have a roaming profile for
Administrator... which would explain why it happens on every workstation...
Just a thought...
KJPino
""Jenny wu [MSFT]"" wrote:
Hi,.
Thanks for your update by mail!
I am sorry for the delayed response due to weekend. Please understand that
the newsgroups are staffed weekdays by Microsoft Support professionals to
answer your systems and applications questions. Your understanding is
greatly appreciated!
I am glad to know that things are getting fine. I appreciate your time and
effort to the issue. The issue indeed is weird and there are many factors
can lead to DNS cache corrupt or time server. Please continue monitor the
server box and let me know if there is any problem related to the issue.
I am happy to be assistance of you!
Please feel free to post back when you need further assistance on this
issue and we are glad to help.
Have a nice day!
Sincerely,
Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
The partner mail content:
===================
From: Warren J. Hairston [mailto:whairston@xxxxxxxxxxxxxxxxxxxx]
Sent: Friday, November 11, 2005 11:56 PM
To: Jenny Wu (CS&S)
Subject: RE: Requested Event Viewer logs
Hi Jenny,
I will certainly try all of these steps. In fact, some of these you've
already suggested and I've tried them with no success. However, it seems to
me that if the time sync and/or DNS cache were the problem, then I wouldn't
be able to logon using ANY accounts from that workstation. Please let me
reiterate that on the SAME workstation, I can successfully logon as any
user EXCEPT Administrator. Also, this occurs on EVERY workstation on my
LAN, not just one particular workstation. I would find it hard to believe
that every workstation on my LAN experienced a corrupt DNS cache or
suddenly stopped syncing date/time concurrently.
There are no roaming profiles configured for any accounts on the LAN.
I'll let you know the results as soon as possible. Thanks for your help.
- Warren J. Hairston
===================
--------------------
X-Tomcat-ID: 282908321<OcSCRJG3FHA.3276@xxxxxxxxxxxxxxxxxxxx>
References: <#DofFd92FHA.3020@xxxxxxxxxxxxxxxxxxxx>
<$F66j$e3FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
<uKDntfO4FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
<Ok5R97W4FHA.2524@xxxxxxxxxxxxxxxxxxxx>
<9q5AHD64FHA.1172@xxxxxxxxxxxxxxxxxxxxx>
MIME-Version: 1.0cache
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
From: v-yanniw@xxxxxxxxxxxxxxxxxxxx ("Jenny wu [MSFT]")
Organization: Microsoft
Date: Fri, 11 Nov 2005 14:26:49 GMT
Subject: Re: Can't logon from workstation as Administrator
X-Tomcat-NG: microsoft.public.windows.server.sbs
Message-ID: <pMoU0vs5FHA.2672@xxxxxxxxxxxxxxxxxxxxx>
Newsgroups: microsoft.public.windows.server.sbs
Lines: 715
Path: TK2MSFTNGXA02.phx.gbl
Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:221322
NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182
Hi,
Based on log information, the issue may be related to the corrupt DNS
in client system or the incorrect date/time. To resolve the issue, let usyour
perform the following steps:
I. Please double check the time on the workstation. Ensure that the day,
time, Time zone, AM/PM, Year are correct.
Then, please perform the following steps on the client:
1. Click Start => Run, type CMD and click OK.
2. Type the following commands and press Enter after each line.
ipconfig /flushdns
ipconfig /registerdns
II. Refresh the time service to synchronize time with time server.
The w32time service problem may prevent client from properly accessing
domain resources. Please try to start the Windows Time service (w32time)e
and see if the issue can be resolved.
A. Let''s open a command prompt and run the following commands to stop and
restart w32time service:
*****net stop w32time
*****net start w32time
Also check if you have a hardware router/firewall in front of your SBS
server, if so, please open Registry Editor (regedit), go to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Typ
, change the value from whatever to Nt5DS and restart the W32Time service.if
Maue sure the service''s startup type is set to automatic.
A. Check if the workstation is syncing time with the SBS 2003 server and
not, run the following command:the
net time /setsntp:<SBS_Server_Name>
NOTE: Replace <SBS_Server_Name> with the real server name of the SBS 2003
server.
After doing the above steps, reboot client workstations and then try to
logon the domain. Then try to test, how about the result?
For more info:
816042 How to configure the Windows Time service on a Windows Server
2003-based
http://support.microsoft.com/?id=816042
III. The issue may be related to the user roaming profile, please check if
you configured roaming profiles on the user account. If so, please disable
the roaming profile for the user account and test the issue again.
I am happy to be assistance of you and look forward to your reply!
Have a nice day!
Sincerely,
Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check
"Notify me of replies" box to receive e-mail notifications when there aredoing
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In
so, it will ensure your issues are resolved in a timely manner.test
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
X-Tomcat-ID: 261822109<OcSCRJG3FHA.3276@xxxxxxxxxxxxxxxxxxxx>
References: <#DofFd92FHA.3020@xxxxxxxxxxxxxxxxxxxx>
<$F66j$e3FHA.1144@xxxxxxxxxxxxxxxxxxxxx>
<uKDntfO4FHA.2904@xxxxxxxxxxxxxxxxxxxxx>
<Ok5R97W4FHA.2524@xxxxxxxxxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
From: v-yanniw@xxxxxxxxxxxxxxxxxxxx ("Jenny wu [MSFT]")
Organization: Microsoft
Date: Mon, 07 Nov 2005 13:40:06 GMT
Subject: Re: Can't logon from workstation as Administrator
X-Tomcat-NG: microsoft.public.windows.server.sbs
Message-ID: <9q5AHD64FHA.1172@xxxxxxxxxxxxxxxxxxxxx>
Newsgroups: microsoft.public.windows.server.sbs
Lines: 587
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:168262
NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182
Hi,
Thanks for your detail information! I appreciate your time to perform
thatand collect information.
I am sorry for the delayed response due to weekend. Please understand
notthe newsgroups are staffed weekdays by Microsoft Support professionals to
answer your systems and applications questions. Your understanding is
greatly appreciated!
Let"s perform some tests to try to trouble shoot the issue:
I. For the issue happens on the specific user account, you can try to
refresh the user account permissions to see if any thing works well now.
To refresh user account permissions:
a. Start Server Management console -> Users
b. Click the user account and then click Change User Permissions link to
refresh the user account permissions.
And then use the user account to test, how about the result?
II. If the issue persists, please double check if the user account can
Settings\DomainUserIDremote access the SBS server box from any client computers. If the issue
happen only in some specific computer, the issue may caused by the user
profile corrupt. You can do as follows to try to resolve the issue:
a. Login the client computer as local Administrator and copy the domain
Administrator user account profile (C:\Documents and
account
(Everything except ntuser.dat)) to another location, then delete thefolder.
b. Re-logon the client computer with the domain Administrator user
information:and then copy those profiles to the new created user profile.box?
c. Please try to test the issue to see if the issue be fixed.
III. Have you applied the security update MS05-019 to the SBS 2003 SP1
if not, please refer to the following KB article to get detail
further.NET
898060 Installing security update MS05-019 or Windows Server 2003 Service
Pack
http://support.microsoft.com/?id=898060
IV. Enable the "Network access: Do not allow storage of credentials or
Passports for network authentication" security setting by opening thefrom
appropriate policy (by default, this policy is disabled in local group
policy) and expanding the console tree: Computer Configuration\Windows
Settings\Security Settings\Local Policies\Security Options. Reboot the
computer.
Or, following Registry value removes the "Remember My Password" option
all prompts for authentication:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa Value Name:
disabledomaincreds
Value Type: REG_DWORD
Values: 0 = allow domain credentials to be stored
1 = do not store domain credentials
Set the disabledomaincreds value to "0" to restore the "Remember My
Password" checkbox on the prompt for authentication.
Try to test, how about the result?
V. If the issue persists, please try to reset Default Domain Policy and
Default Domain Controller Policy to see if the issue be fixed.
Have you make a backup of the Default Domain Policy and Default Domain
Controller Policy? If yes, please try to restore it to test.
If the issue persists, please help me collect more information for
analyze the issue:
1. Could you find any related error event in the event viewer of the
- Prev by Date: RE: Install problem
- Next by Date: RE: An inconsistency was encountered on the requested media
- Previous by thread: sc101 netgear?
- Next by thread: SBS 2003 weirdness
- Index(es):
Relevant Pages
|
