Reset Passwords

[Guest]

The active directory cannot contact the domain on my server. Because of this it does not work and lots of things relying on it don't work, people can log in but not use the network drives or exchange.
Some other services did not start on start up because the passwords in services had some how had changed.
Could something like this be stopping AD from connecting to the domain? I have tried lots of things now but nothing seams to work. One person suggested that the time may out which is effecting it. The time was set wrong, is there a special way of resetting it or do I just click on the clock in the bottom corner of the screen?
Thanks

 

[Jetro]

Do you have RPC and other errors in the Events log? Adjust the local time
any way you know.

 

[Guest]

No RPC errors but do have errors from Netlogon, exchange, w32time, active directory and a few others that I have been told are not too bad.
Changing the time didn't make any difference.
I think maybe the domain name may be corrupt and posible have $ signs in it. Is there any way of checking and changing this when AD doesn't work?

 

[Jetro]

You can see the names in the DNS snap-in (if it works) and in
%systemroot%\system32\config\netlogon.dnb and netlogon.dns.
What are the errors you get related to AD and Netlogon?

 

[Richard G. Harper]

The first thing you need to fix is the time issue. Until you have the PDC
emulator synchronizing its time from an external source you're likely to run
into all manner of problems. Read here:

http://support.microsoft.com/default.aspx?scid=216734

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

The active directory cannot contact the domain on my server. Because of

this it does not work and lots of things relying on it don't work, people
can log in but not use the network drives or exchange.

Some other services did not start on start up because the passwords in

services had some how had changed.

Could something like this be stopping AD from connecting to the domain? I

have tried lots of things now but nothing seams to work. One person
suggested that the time may out which is effecting it. The time was set
wrong, is there a special way of resetting it or do I just click on the
clock in the bottom corner of the screen?

 

[Guest]

I can't set the time to an external source because the network is not attached to the internet for security reasons

The first thing you need to fix is the time issue. Until you have the PDC
emulator synchronizing its time from an external source you're likely to run
into all manner of problems. Read here:

http://support.microsoft.com/default.aspx?scid=216734

--
Richard G. Harper [MVP Win9x] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

The active directory cannot contact the domain on my server. Because of

this it does not work and lots of things relying on it don't work, people
can log in but not use the network drives or exchange.

Some other services did not start on start up because the passwords in

services had some how had changed.

Could something like this be stopping AD from connecting to the domain? I

have tried lots of things now but nothing seams to work. One person
suggested that the time may out which is effecting it. The time was set
wrong, is there a special way of resetting it or do I just click on the
clock in the bottom corner of the screen?

Thanks

 

[Guest]

AD errors say; did not start due to logon failure
Netlogon: No Windows NT or Windows 2000 Domain Controller is available for domain CHIRP. The following error occurred:
There are currently no logon servers available to service the logon request.
Netlogon: The session setup from the computer CHIRP12 failed to authenticate. The name of the account referenced in the security database is CHIRP12$. The following error occurred:
Access is denied.
SAM: The account-identifier allocator was unable to assign a new identifier. The identifier pool for this domain controller may have been depleted. If this problem persists, restart the domain controller and view the initialization status of the allocator in the event log.
Service Control Manager: The Kerberos Key Distribution Center service terminated with the following error:
The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation.

 

[Jetro]

Netlogon: Check the DHCP and DNS settings on servers, and correct any
errors, make sure that DCs register their DOMAIN<1C> NetBIOS names with the
WINS.
SAM: there is no access to the RID Master server.
Kerberos: please read
http://support.microsoft.com/default.aspx?scid=kb;[LN];303330
Netlogon and Kerberos Key Distribution Center Generate Events 5737 and 7023
and Do Not Start

All the errors are related and bound. I would start from 'sfc /scannow' and
re-applying SP. Is it the only server in the domain?
BTW, it would be useful to provide event Num along with the source.

 

[Guest]

Thanks,

you're right they are all releated. I have forced a remove of DNS and AD and repaired OS. People can now log in again and access newtork drives and folders. Which is a good start, everything else stems from this.
It is the only server on the domain. When you say SP do you mean service pack? Sorry, too many acronyms to keep up with lately.

 

[Jetro]

You are right, SP is a service pack. Add another D(omain) C(ontroller) for
redundancy.