|
Home > Archive > Server 2003 > July 2005 > Win server 03 environment issue
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Win server 03 environment issue
|
|
| cezar_kido 2005-07-19, 4:47 am |
| Hi everyone,
I installed my trial win server 03 4 weeks ago. I have 3 workstations (win2kpro and XP)which I added them to the domain that was created. Everithing was ok : DHCP, DNS, WINS, RIS, Active Directory, Groups & Users.
3 days ago the instructor from MCSE classes told us to get some experience installing the server 03 and try to remember which are the default settings before you add services. OK, I did that but when I tried to log on with my workstations to the same domain (same name), I got the answer "The domain is not available" . I checked the server's system log and it says the SID of the workstation is not recognized.
I tried to change the SID (security identifier) using a little program but it was helpless.
My question is : The only option for me is to format the workstations' hdds ? Or there is another easier way?
Any suggestions will be appreciated.
Thank you. | |
| ScratchOne 2005-07-19, 2:02 pm |
| No... don't reinstall.
Just remove the workstation from the domain, make sure the computer object is removed from AD users and groups, reboot the workstation, rejoin the domain.
Badda Bing! | |
| cezar_kido 2005-07-19, 4:57 pm |
| The point is that:
AFTER I REinstalled a fresh win. ser. 03 I can not join the domain with the workstations that worked fine when I initially logged on the domain. So after I REinstalled a fresh serv. 03 it was no OU in AD or computer names.
So there are 2 separate moments:
#1 - when everything was OK . Fresh win. serv. and workstations without initial domain setup.
#2 - when I REinstalled win. ser. 03 I can not join the domain with the SAME workstations but wich already joined a domain with another server before.
The log of win serv. says : The SID of the workstation is not recognized.
Thank you anyway. | |
| ScratchOne 2005-07-19, 6:58 pm |
| What happened was that your original domain created a random Security Identifier for your workstation in AD.. its not actually random, but for this discussion we can say that it is.
When you reinstalled Win2k3 using the exact domain name as before, it created a different SID for all the same default object in AD. Since your PC was assigned a different SID from what this domain is looking for, you’ll be denied access.
Simply unplug your network cable from your pc, logon LOCALLY as a user that has local admin privileges. Get to the system properties and join a workgroup, the workgroup name is not relevant. ... Reboot...
Plug the network cable into the network card, logon LOCALLY with a user account that has admin privileges, verify you can ping the server, go to the system properties and rejoin this new domain. Your computer account object in AD will be assigned a new SID.
You can also logon with a domain administrator account if you need to, just make sure your NOT connected to the network when you do. The cached credentials on the workstation will permit logons for administrators only… You don’t want to be authenticated against your DC which is also your Global Catalog server, .. all the FSMO roles server. | |
| ScratchOne 2005-07-19, 7:01 pm |
| Another option is to use SYSPREP... this will remove any SID as well...
Not recommended unless you have experience imaging/cloning... | |
| cezar_kido 2005-07-24, 1:42 am |
| Thank you very much, it worked! |
|
|
|
|