Re: 1 Notebook unable to log in
- From: v-gzwang@xxxxxxxxxxxxxxxxxxxx (Guozhen Wang[MSFT])
- Date: Mon, 02 Jun 2008 10:22:08 GMT
Hello Bob,
Thank you for your post and thanks for Steve's great help.
My name is Gary Wang, and it is my pleasure to work with you on this issue!
Please allow me to confirm that my understandings are correct. As I
understand it, the issue is:
Your notebook unable to login on your SBS domain with event ID 529 and the
following error:
The trust relationship between this workstation and the primary domain
failed
If I have misunderstood your concerns please feel free to let me know.
Suggestion :
==============
I agree with Steve's reply. This behavior can happen when the machine
password is not properly sync. In order to reset the machine account
password of a domain controller run the following command on problematic
client:
NETDOM RESETPWD /Server:ServerName /UsedD:Administrator /PasswordD:*
The syntax of this command is:
NETDOM RESETPWD /Server:domain-controller /UserD:user /PasswordD:[password
| *]
NETDOM RESETPWD Resets the machine account password for the domain
controller on which this command is run. Currently there is no support for
resetting the machine password of a remote machine or a member server. All
parameters must be specified.
/Server Name of a specific domain controller that should have itsmachine
account password reset.
/UserD User account used to make the connection with the domaincontroller
specified by the /Server argument.
/PasswordD Password of the user account specified with /UserD. A * means to
prompt for the password
And I would like to suggest that you use the following steps to rejoin the
client to SBS domain:
1. Login with a local account.
2. Right click My Computers and choose Properties.
3. Navigate to "Computer Name" and click "Change".
4. Check the checkbox "Workgroup" and type a workgroup name. Click OK to
restart the computer.
5. After reboot, login and open IE, go to
http://sbsservername/connectcomputer .
6. Following the wizard to join the client to SBS domain.
Also, if your client is running Windows XP, please upgrade to SP2:
Security Event 529 is logged for local user accounts
http://support.microsoft.com/kb/811082
If we cannot resolve the issue after we perform the above steps, please
help me collect some information for further investigation:
Information Need
==============
1. Check event viewer for related information, please help save it to *.evt
and send to me.
2. Please help to capture the exact symptom when the error occurs, save it
to *.jpg files and send to me.
3. Run command "ipconfig /all > c:\ipconfig_sbs.txt" and "route print >
c:\route_sbs.txt" on SBS, send the files c:\ipconfig_sbs.txt and
c:\route_sbs.txt to me.
4. Run command "ipconfig /all > c:\ipconfig_client.txt" and "route print >
c:\route_client.txt" on problematic client, send the files
c:\ipconfig_client.txt and c:\route_client.txt to me.
My email address is v-gzwang@xxxxxxxxxxxxx
I look forward to your reply. Also, if you have any questions or concerns,
please do not hesitate to let me know. I am happy to help. :-)
Thank you for your time and cooperation!
Best regards,
Gary Wang(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Steve" <wonderlan1@xxxxxxxxxxxxxxxxxxxxx>
| References: <uFOWlnewIHA.4488@xxxxxxxxxxxxxxxxxxxx>
| Subject: Re: 1 Notebook unable to log in
| Date: Thu, 29 May 2008 21:12:55 -0500
| Lines: 59
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.3138
| X-RFC2646: Format=Flowed; Response
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
| Message-ID: <OJYznqfwIHA.524@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: c-24-1-210-33.hsd1.il.comcast.net 24.1.210.33
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:110019
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| The domain controller no longer recognizes that laptop since the trust
has
| failed and I am sure running the support tool netdiag on that laptop will
| confirm it. To fix that I unjoin it from the domain to a workgroup,
reboot
| it, and join it to the domain again first making sure that the laptop
points
| ONLY to the domain controller as it's DNS server in tcp/ip properties. If
| you do that however there is a possibility that when the domain user logs
| back on they will get a brand new user profile. If that happens you will
| need to migrate their old domain profile [favorites, My Documents,
desktop
| usually at a minimum] to their new domain user profile. If they do get a
new
| profile when you go into system properties/advanced/user profiles on the
| laptop you may see "unknown" as a listed profile. If you see that do NOT
| delete that unknown profile ever until you are absolutely sure that you
have
| copied all the needed data from it.
|
| Steve
|
|
| "Bob" <Bob@xxxxxxxxxxxxxxxxx> wrote in message
| news:uFOWlnewIHA.4488@xxxxxxxxxxxxxxxxxxxxxxx
| > Hi All,
| >
| > One of the notebooks on my domain is unable to login.
| >
| > They get the message, "The trust relationship between this workstation
and
| > the primary domain failed"
| >
| > I have tried a few different domain accounts with the same result.
| >
| > In the Event Log on the SBS server, I get
| >
| > Event Type: Failure Audit
| > Event Source: Security
| > Event Category: Logon/Logoff
| > Event ID: 529
| > Date: 30/05/2008
| > Time: 10:04:20 AM
| > User: NT AUTHORITY\SYSTEM
| > Computer: SBServer
| > Description:
| > Logon Failure:
| > Reason: Unknown user name or bad password
| > User Name: NOTEBOOK$
| > Domain: DOMAIN
| > Logon Type: 3
| > Logon Process: NtLmSsp
| > Authentication Package: NTLM
| > Workstation Name: NOTEBOOK
| > Caller User Name: -
| > Caller Domain: -
| > Caller Logon ID: -
| > Caller Process ID: -
| > Transited Services: -
| > Source Network Address: 192.168.18.95
| > Source Port: 63933
| >
| >
| >
|
|
|
.
- Follow-Ups:
- Re: 1 Notebook unable to log in
- From: Bob
- Re: 1 Notebook unable to log in
- Prev by Date: RE: ISA - The size of the response header is too large.
- Next by Date: Re: DNS While PPTP / IPSec VPN is open
- Previous by thread: RE: ISA - The size of the response header is too large.
- Next by thread: Re: 1 Notebook unable to log in
- Index(es):
Relevant Pages
|
