Computer Account BIG Issue

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have a problem with a computer and I need to know if this is normal or
where's the problem.

We have a Windows 2000 domain in mixed mode the issue occurs renamiming the
computer:

1. We have a computer named PCA and we are replacing it for a new one.
2. We change PCA name to PCA01 usign the computer name wizard on PCA.
3. Every thing seems OK. The message "Welcome to the domain... " is
displayed, etc. We reboot the PC and user starts working on it.
4.Then we join the new computer to the domain with the name PCA and
everything seems OK again. We reboot the computer and then the issue starts:
- The user can't logon the computer with the error "There is no domain
controller..."
5. We remove the computer from the domain - reboot - rejoin and then
everything is OK.
6. PCA01 though is then shutdown and when the user tries to log on the
message "There is no domain..." is displayed but the computer accounts exists
in ADUC mmc.
7. PCA01 the in removed from the domain - reboot - rejoin and everything
seems OK but there's no account in ADUC mmc !!!!!!!!!

I need any assistance troubleshooting this or is this normal???

TIA,
GC
 
jerry_mx said:
I have a problem with a computer and I need to know if this is normal or
where's the problem.

We have a Windows 2000 domain in mixed mode the issue occurs renamiming
the
computer:

1. We have a computer named PCA and we are replacing it for a new one.
2. We change PCA name to PCA01 usign the computer name wizard on PCA.
3. Every thing seems OK. The message "Welcome to the domain... " is
displayed, etc. We reboot the PC and user starts working on it.
4.Then we join the new computer to the domain with the name PCA and
everything seems OK again. We reboot the computer and then the issue
starts:
- The user can't logon the computer with the error "There is no domain
controller..."
Click to expand...

USUALLY this is due to mistakes in the CLIENTS DNS settings.
Check the (new) Client NIC->IP Properties and ensure that ONLY
the "internal" DNS that can resolve all internal (and external) names
are listed there.

Many people incorrectly place the "ISP" or some other external DNS
server in the Client property list in the mistaken belief that clients will
fail over to the "outside" DNS server....

The new machine does not seem to be joined to the domain OR
it is not finding a DC on boot reliably. (And these are usually DNS
issues as mentioned above.)
5. We remove the computer from the domain - reboot - rejoin and then
everything is OK.
Click to expand...

Generally you should NOT remove computers from the domain
(this is an old practice, popular and more necessary in NT days);
you should instead RESET 'hosed' computer accounts.

Reset is a right click option in AD Users and Computers, as well
as options in DSMod, NetDom, and the older (works in NT even)
NLTest.
6. PCA01 though is then shutdown and when the user tries to log on the
message "There is no domain..." is displayed but the computer accounts
exists
in ADUC mmc.
Click to expand...

This is a class symptom of multiple DNS servers listed on
the client NIC, and (at least) one of which is not an internal
DNS server which can resolve the DCs.

The other common (but less likely) issue is that SOME of your
internal DNS servers are not fully replicated and don't know
all of the correct answers they are supposed to know.

Check this latter by running "DCDiag" on each and every DC
in the domain/forest. (See below for more DNS troubleshooting
basics.)
7. PCA01 the in removed from the domain - reboot - rejoin and everything
seems OK but there's no account in ADUC mmc !!!!!!!!!
Click to expand...

Then how do you know it is joined? While it is working is the
computer account there? How about just pre-creating the account
and joining the new computer to an EXISTING account.

(And don't delete the computer account on the domain again unless
the reset trick is NOT working after repeated and careful attempts
AND after fixing DNS.)
I need any assistance troubleshooting this or is this normal???
Click to expand...

No, it is not normal but is usually common symptom of DNS
CLIENT or server problems.

More on DNS for AD:

1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /server:DC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
 
Thanks for the answer Herb. I'll try that and post any follow ups

Herb Martin said:
jerry_mx said:
I have a problem with a computer and I need to know if this is normal or
where's the problem.

We have a Windows 2000 domain in mixed mode the issue occurs renamiming
the
computer:

1. We have a computer named PCA and we are replacing it for a new one.
2. We change PCA name to PCA01 usign the computer name wizard on PCA.
3. Every thing seems OK. The message "Welcome to the domain... " is
displayed, etc. We reboot the PC and user starts working on it.
4.Then we join the new computer to the domain with the name PCA and
everything seems OK again. We reboot the computer and then the issue
starts:
- The user can't logon the computer with the error "There is no domain
controller..."
Click to expand...

USUALLY this is due to mistakes in the CLIENTS DNS settings.
Check the (new) Client NIC->IP Properties and ensure that ONLY
the "internal" DNS that can resolve all internal (and external) names
are listed there.

Many people incorrectly place the "ISP" or some other external DNS
server in the Client property list in the mistaken belief that clients will
fail over to the "outside" DNS server....

The new machine does not seem to be joined to the domain OR
it is not finding a DC on boot reliably. (And these are usually DNS
issues as mentioned above.)
5. We remove the computer from the domain - reboot - rejoin and then
everything is OK.
Click to expand...

Generally you should NOT remove computers from the domain
(this is an old practice, popular and more necessary in NT days);
you should instead RESET 'hosed' computer accounts.

Reset is a right click option in AD Users and Computers, as well
as options in DSMod, NetDom, and the older (works in NT even)
NLTest.
6. PCA01 though is then shutdown and when the user tries to log on the
message "There is no domain..." is displayed but the computer accounts
exists
in ADUC mmc.
Click to expand...

This is a class symptom of multiple DNS servers listed on
the client NIC, and (at least) one of which is not an internal
DNS server which can resolve the DCs.

The other common (but less likely) issue is that SOME of your
internal DNS servers are not fully replicated and don't know
all of the correct answers they are supposed to know.

Check this latter by running "DCDiag" on each and every DC
in the domain/forest. (See below for more DNS troubleshooting
basics.)
7. PCA01 the in removed from the domain - reboot - rejoin and everything
seems OK but there's no account in ADUC mmc !!!!!!!!!
Click to expand...

Then how do you know it is joined? While it is working is the
computer account there? How about just pre-creating the account
and joining the new computer to an EXISTING account.

(And don't delete the computer account on the domain again unless
the reset trick is NOT working after repeated and careful attempts
AND after fixing DNS.)
I need any assistance troubleshooting this or is this normal???
Click to expand...

No, it is not normal but is usually common symptom of DNS
CLIENT or server problems.

More on DNS for AD:

1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /server:DC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
TIA,
GC
Click to expand...
Click to expand...
 
Back
Top