No announcement yet.

NT4 server can't logon to w2k domain

  • Filter
  • Time
  • Show
Clear All
new posts

  • NT4 server can't logon to w2k domain

    Hi, I've w2k domain (A) with AD and NT4 Svr as a members server. Then I've created one way trust between my domain (domain A) and other domain (B), there's domain B trust domain A (diffrerent forest). Everything worked fine before, after created that trust relationship my NT Svr can't logon to the domain A.
    The NT Svr can perform name resolution (nslookup), ping others computers and can access internet, but can't logon. The error message is "System can not log you on to the domain because the systems computer account in its primary domain is missing or the password on that account is incorrect."
    I've tried to reset and deleted NT Svr computer account, re-joint, changed the server's name but still got the same error.
    I ever have the same problems with W2K domain and solved with created secondary DNS zone in both sides. The problems is its stand in the same domain, NT Srv is a member's of the w2k domain.
    Please advise, thanks in advance.

  • #2
    NT does not use DNS to locate DCs. It uses Netbios name resolution (WINS\broadcasts).
    Any chance that in domsin B exists a computer with the same name as your A's domain PDC emulator ?

    Also you could try to eliminate the problem by manually telling NT server how to find the DC by editing LMHOSTS file and adding something like:

    Code:    mydc01     #PRE #DOM:domain_name
    Take a look at an examples in the lmhosts file (should be at c:\winnt\system32\drivers\etc).
    Guy Teverovsky
    "Smith & Wesson - the original point and click interface"


    • #3
      I've did it (adding pdc,bdc addresses into host file), sync Wins Server in NT Svr with w2k svr succesfully but still facing the same problems. I'm 100% sure if it's no computer with the same name in my network (located in the same subnet). Any suggestion?


      • #4
        Hi, I've solved it, the problem is Antivirus program/McAfee Enterprise Edition 8.0i (latest version), when I checked my PDC log files I found in McAfee log files if there're some services blocked by that program. It has a built-in firewall function, but the things that I can't understand is I used a default setting. I think McAfee should review a features activated by default in their program, I surprised when I solved this problem with changed the antivirus program with the older version. First time I didn't think if there's the problems when I read those log files, but who knows then I uninstalled it and test to logon the NT Server and working....Until now I still feel it's funny, unless I modified the default setting no wonder if it happen without knows the appropriate setting.I call it magic....


        • #5
 I called it magic, the magic has gone and it happen again.....exactly the same as before......HELP....HELP......


          • #6
            Sorry for late reply, I'm out of office for last 2 weeks. Yes it did, the av program still an old version. But I think I've found the problem (not sure enough), I didn't mention in my 1st post if there's another domain (NT4) in my network with the same subnet. I've not mentioned it because nothing change in it when the problem occurred.It has a trust relationship with my primary domain (one way, NT trust pri.dom), when the problems occurred again after fixing with changed av program I've a problems with that server too. The trust relationship broken because name's resolution issues (solved with static mapping in WINS server). Then I plan to troubleshoot the main problem (NT can't log on) but when I tried to log on there's no error like before, it's already fixed. It's fixed when (after) I fixed NT domain relationship with my primary domain. Until now the problems not yet occurs again.
            Then I think that server (NT) has integration with the NT PDC (domain), but I can sure you if there's no relation between those servers (only located in the same network). Any explanation guys.....?