network login problem

Question

spikes 0 Junior Poster

21 Years Ago

Hi All,
have any of you come accross this issue. when login in to a windows 2000 domain, controled by active directory (server 2000) i get the following msg:

"the system could not log you on to this domain because the systems computer account in its primary domain is missing or the password on that account is incorect"

the password is fine. i have found this somtimes happens when the computer name has been changed, or the computer has be disjioned from the network.

do any of you know how to refresh the account or reset the computer info to restore the account in to its primary domain?

many thanks

spikes

windows-nt-2000-xp

6 Contributors
8 Replies
184 Views
4 Years Discussion Span
Latest Post 16 Years Ago Latest Post by Wil 0' Wisp

techniner 2 Posting Pro

19 Years Ago

Make the machine part of a workgroup... reboot.. then re join it to the domain.

Sounds like your Computer Account is screwed up... If you change PC names without updating it through AD then you are going ot get this error

kc0arf 68 Posting Virtuoso

19 Years Ago

Hello,

A little bit of background: your computer uses TWO accounts when logging into a Windows Domain: the Computer account, and the User account.

The Computer account is a behind-the-scenes key with a username (the computer's NETBIOS name) and a password that is made up when the computer first joins the domain. Improper domain management can cause your computer, and the server, to become out of sync concerning this account.

Ways to repair are to go into AD and delete the computer, and then go to the computer, and remove it from the domain. Wait 15 minutes, and then re-join the computer. You have to wait because your domain may be out of sync with the rest of the domain controllers, and you have to wait for a conversation cycle before AD stabilizes.

Christian

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

mmoloney 0 Newbie Poster · Answer 1 · 2005-06-14T19:40:44+00:00

check active directory to see if the computer account is still in there but disabled. If it is enable it and you should be fine. If it is gone then you will have to readd the pc to the domain, which will create a new SID. It is best to do this from the pc being added.

techniner 2 Posting Pro · Answer 2 · 2005-06-14T19:59:03+00:00

You can also force replication using ADSI Edit.

But this is only for super impatient admins such as myself :o

mmoloney 0 Newbie Poster · Answer 3 · 2005-06-14T20:01:32+00:00

exactly!

I am impressed with your explaination. it is funny how I was thinking all those things but my post didn't come out that way.

Wil 0' Wisp 2 Newbie Poster · Answer 4 · 2007-08-03T20:27:17+00:00

You can also check it with replmon, and force it from there. goto support tools directory and run if from there (it part of the kit that comes on the server 2003 server disk)

hizkias 0 Newbie Poster · Answer 5 · 2008-01-25T18:24:44+00:00

pls try by resetting the computer account in the AD users and computers , rigth click on the computer account and click reset.

Wil 0' Wisp 2 Newbie Poster · Answer 6 · 2008-01-29T02:19:08+00:00

Better than that Wholesale corruptions OF AD no replications and replication failures so Microsoft came in a s sorted it took 10 hours so it weren't a quick fix, The hands free phone went flat in the middle!

Ta anyway