Windows cannot connect to domain (2003)...computer account not found

By lemri
Nov 22, 2006
Topic Status:
Not open for further replies.
  1. Here is the back story:

    I am at a school with a NT4.0 domain server. We bought a new 2003 SP1 server. We have two IP ranges. Our old configuration had static IP address with 2 DNS servers located at the district that was referenced in the TCP/IP properties.

    I set up the new server with 4 roles. It has an Active Directory. It is a DHCP server (I have 98 machines). The DHCP has a superscope with 2 scopes within the superscope. Each scope has a range of IP address and the exceptions for the server, printers, et cetera. It also is a DNS server that "listens to all IP addresses" instead of listen to the "following IP addresses."

    However, on the listen to the following IP addresses I put in it's own IP address. The DNS server also has 2 forwarders to the district DNS servers.

    The last role is as a File Share.

    I have connected about 400 computers just fine. Everything is working good...however I am now getting sporadic computers that can't log on. I get this message:
    The computers are still on the server.

    If I re-add the client machine to the domain, everything is fine--for now. This has been happening to xp machines. It has happened 5 times now, and I am worried about a continual problem or a major problem around the corner.

    Are there any ideas on what is causing this? I have read up a little bit about SID problems, but I am not that literate yet. I am wondering if I set something up wrong, failed to set something up, or if there is an entirely different reason.

    Could it be because the computers are still on the NT4.0 directory. I have not taken off the NT4.0 active directory yet or added the NT server to the 2003 server. I also have an independent 2000 server for the library and a 2003 server for a special ed room and program.

    No one at the district can help. I am out of ideas. I am getting really worried that I did something wrong I can't fix. I am not an expert. I am in the very beginning stages of my MCSA training.
  2. Ididmyc600

    Ididmyc600 TechSpot Chancellor Posts: 2,251

    I would look at the network before you look at the OS, when it happens see if you can ping the server by name and IP, also look in the event viewer of the machine and see if there is anything showing up in there.

    Regards
  3. tipstir

    tipstir TS Ambassador Posts: 4,596   +79

    Are you saying your still using Windows NT Server 4.0? If I was like you I would better off just migrating over that old server to Windows 2003 Enterprise Server. You'll have better results with Active Directory and those scopes or roles.
  4. lemri

    lemri Newcomer, in training Topic Starter Posts: 26

    We are currently using a NT4.0 server. We want to migrate to the 2003 server. However, our NT server is so old and had so many people messing with it without credentials that migrating would be a bad idea in my opinion. It was never set up correctly, lots of people changed settings, roles, and properties.

    When we got our new server, I decided to start from scratch. I could not just unplug the old server--secretaries and teachers needed it. So, I recreated all of our student ids in active directory and their network shares on the new 2003 server. I then transferred our clients in our library and labs onto the new server from system properties.

    Our old server is still running. It still has the library and lab computers on it, but I added the computers onto the new server. I am wondering if having both servers up and running is causing the problem.

    As soon as I figure out why random computers are saying they are not on the new domain, I will turn off the old server (and probably junk it) and add the secretary, teacher, and administrator's computers onto our 2003 server.
  5. tipstir

    tipstir TS Ambassador Posts: 4,596   +79

    When I say migrate I didn't mean to use the same old server. But you already have a new server so start there. This takes time to do. Not easy but it can be done. Don't do this during school hours, you'll most likely have to do this after hours.

    Have fun!
  6. lemri

    lemri Newcomer, in training Topic Starter Posts: 26


    I guess I am not understanding you. I have already migrated! I have set up my server with 4 roles. I have, with the combination of command lines and vb scripts, added in over 1400 students. I have already created thier network shares. I have transferred their homework on the new server.

    It is running and functional. The problem I am having is not in getting migrated. That is done (with the exception of faculty and administration). The problem is the computers I have added onto the new server are randomly taking themselves of the connection to the server.

    If I look on the server it says the computer is added. I have even logged on to the local machine several times. But now, for no reason I can think of, when I try to log on to about 5 machines, it says it is not connected to the domain.

    I can re-add them to the domain and everything works. I am worried that more machines will, without warning, stop being able to log on to the domain. I am trying to figure out why I keep getting this message on just a few machines:


    Like I said, the new server is up and running. A couple hundred computers have been added to it. I am randomly getting computers that are saying they can't connect to the domain. If I log on locally, I can reconnect them to the domain, but I don't want to have to keep doing that.

    Any ideas?
  7. Samstoned

    Samstoned TechSpot Paladin Posts: 2,582

    how about user time outs or log off settings
    maybe someone changed the way the log ons where connected
    if you just pulled the info off the NT look at the user ID's see if the logon is set to expire.
    try shutting dwn the NT see if you still get the error

    a reconnection sounds like security setting
  8. chrispudge

    chrispudge Newcomer, in training Posts: 47

    hey lemri, try disjoining those computers from the domain and re-join them..that seems to help me out at my job..i get the same error sometimes.
  9. tipstir

    tipstir TS Ambassador Posts: 4,596   +79


    How many licenses for active connections did you set the Windows 2003 Server too?
  10. lemri

    lemri Newcomer, in training Topic Starter Posts: 26

    That does work, thanks, but I want to get to the root of the problem and fix it. I tried the advice of pinging the server, and I can ping it just fine.

    Moving on I checked the event viewer. There were no security events, but I had lots of application and system events. The event I am zeroing in on is this.
    and
    and
    and
    It looks like I am off to read that link that has been referenced in every error message.
  11. tipstir

    tipstir TS Ambassador Posts: 4,596   +79

    This is more Active Directory problem with assigned names and active/none active names on your enterprise. Does Active Directory see these PCs on your domain?
     
  12. lemri

    lemri Newcomer, in training Topic Starter Posts: 26

    yes.

    From reading the articles, I think the problem is that my NT4.0 is acting as a DHCP and the 2003 is a DHCP server. The NT4.0 is not connected to my 2003 domain, so I have to DHCP servers assigning ip addresses.

    Most of my NT4.computers that are not added to the 2003 server have static ip addresses, but some of them don't. The ones that are relying on dynamic ip addresses are causing a problem with authentication--this is what I am thinking.

    Once I convert the teacher computers over, I can take the NT4.0 server offline. I think and hope that will resolve the issue.
  13. chrispudge

    chrispudge Newcomer, in training Posts: 47

    lemri, once you disjoin & rejoin the pc - does the problem still occur?
  14. tipstir

    tipstir TS Ambassador Posts: 4,596   +79

    Well you got to take the old server off the domain.. When you can...
  15. lemri

    lemri Newcomer, in training Topic Starter Posts: 26


    It doesn't re-occur on that particular machine. At least not yet. It has only happened a few times, so I am not sure if rejoining permanently fixes it or if it could occur in the future.

    I really want to take my old NT40 offline, however our administration accesses a database on the old server for student school, money, and grade, accounts. Until the district gets me an updated database file to put on the 2003 server, I can not take it off line.

    They have a process I have to go through. I have emailed and called them and hope I can get it today.

    I have deleted the old computers off of the server. I am going around today and changing the DNS server on the machines that are still connected to the NT server to my 2003 server.

    Once I get done, I am going to take off the DHCP and DNS server functions on the old server and hope that helps.

    By the way, thank you for all of your feedback and advice. It has helped me narrow the problem and focus my thoughts.
  16. chrispudge

    chrispudge Newcomer, in training Posts: 47

    no problem dude..happy my advice helped lol
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.