NT 4.0 Network Problems after ERD on PDC

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

A long story, beginning 5/4/05 with the PDC doing an uninitialized reboot in
the a.m., which ultimately led to promoting the BDC to PDC (which did not
register with the old PDC since it could not be reached), then doing an ERD
on the old PDC, then using MS Article 196603 to fix C000000Df error on old
PDC after the ERD. That "fixed" that error, but now logon fails on the old
PDC, using any user name, including administrator, w/ msg to check user name
and password to be sure they're correct, etc. When the old PDC is off, the
newly promoted BDC Server Manager correctly IDs itself as the PDC and the old
PDC as the BDC. With the old PDC on, I cannot access Server Mgr. on the
newly promoted PDC, "Access denied". However, since I cannot log onto the
old PDC, I can't find out what's what on that machine. With the old PDC off,
WINS Manager on the newly promoted PDC (previous BDC) shows 15 mappings for
that IP address, including itself, the old PDC and the domain name, all
listed several times. (Since promoting the BDC to PDC, it now has the old
PDC's IP addy.) nbtstat -c shows one PC on the other subnet, a member server
and an XP machine on this subnet, all with <20> and a TTL of under 600 secs.
nbtstat -n on the new PDC shows: <NewPDC> 00 unique; (NewPDC> 20 unique;
<DomainName> 00 Group; <DomainName> 1c Group; <DomainName> 1b unique;
<NewPDC> 03 Unique; Administrator 03 Unique; <DomainName> 1e Group;
<DomainName> 1d Unique; MS Browse 01 Group. I've been told the only fix is to
delete the old PDC's name and do a fresh op sys installation on that machine,
installing it as the BDC, naming it the same/old name as it had, then
promoting it to PDC after everything is running okay. Needless to say, I
would really, REALLY like to avoid reinstalling the op sys but am at a total
loss of what to try to fix this and am hoping for help here....or at least
some other ideas of what to try before giving up and doing a fresh
installation. As I said, this all started on 5/4, and I've been working on
it since then, so if you need more info, please let me know. I probably have
it but don't know what is necessary to post and what isn't. THANK YOU SO
MUCH FOR ANY HELP!

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Hi Kate,

You have received inaccurate advice. Because both DCs are
from the same domain, once you get them communicating
properly you should have the option to demote one of them
using server manager. This is the only time you have this option
in NT 4.0. I would open a dos prompt on both and run net
accounts and check the computer role. If they are indeed both
PDCs the role will be primary. Then I would check the local
lmhosts file on each machine to make sure there are no offending
entries. Next open the WINS database and sort by tcp/ip address
and delete all mappings, including static mappings pertaining to
both machines then reboot both of them. Keep in mind once both
SAMS will not be merged, rather one of them will be discarded.

"kate" <kate@discussions.microsoft.com> wrote in message news:
> A long story, beginning 5/4/05 with the PDC doing an uninitialized reboot
in
> the a.m., which ultimately led to promoting the BDC to PDC (which did not
> register with the old PDC since it could not be reached), then doing an
ERD
> on the old PDC, then using MS Article 196603 to fix C000000Df error on old
> PDC after the ERD. That "fixed" that error, but now logon fails on the
old
> PDC, using any user name, including administrator, w/ msg to check user
name
> and password to be sure they're correct, etc. When the old PDC is off,
the
> newly promoted BDC Server Manager correctly IDs itself as the PDC and the
old
> PDC as the BDC. With the old PDC on, I cannot access Server Mgr. on the
> newly promoted PDC, "Access denied". However, since I cannot log onto the
> old PDC, I can't find out what's what on that machine. With the old PDC
off,
> WINS Manager on the newly promoted PDC (previous BDC) shows 15 mappings
for
> that IP address, including itself, the old PDC and the domain name, all
> listed several times. (Since promoting the BDC to PDC, it now has the old
> PDC's IP addy.) nbtstat -c shows one PC on the other subnet, a member
server
> and an XP machine on this subnet, all with <20> and a TTL of under 600
secs.
> nbtstat -n on the new PDC shows: <NewPDC> 00 unique; (NewPDC> 20 unique;
> <DomainName> 00 Group; <DomainName> 1c Group; <DomainName> 1b unique;
> <NewPDC> 03 Unique; Administrator 03 Unique; <DomainName> 1e Group;
> <DomainName> 1d Unique; MS Browse 01 Group. I've been told the only fix is
to
> delete the old PDC's name and do a fresh op sys installation on that
machine,
> installing it as the BDC, naming it the same/old name as it had, then
> promoting it to PDC after everything is running okay. Needless to say, I
> would really, REALLY like to avoid reinstalling the op sys but am at a
total
> loss of what to try to fix this and am hoping for help here....or at least
> some other ideas of what to try before giving up and doing a fresh
> installation. As I said, this all started on 5/4, and I've been working
on
> it since then, so if you need more info, please let me know. I probably
have
> it but don't know what is necessary to post and what isn't. THANK YOU SO
> MUCH FOR ANY HELP!

 

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

THANK YOU SO MUCH FOR RESPONDING!
I can't log on to the old PDC, tells me system couldn't log me on. Make
sure user name and domain are correct, passwords must be in correct case,
check CAPS button.
On the new PDC (promoted BDC), net accounts shows it as PRIMARY. The hosts
list on the new PDC shows only 1 IP addy, which I don't recognize, but I can
successfully ping it and when I type nslookup <that IP addy>, it says it
can't find server for address <my VPD router addy>: Non existant domain.
Default servers are not available. Server: Unknown Address <my VPN router
addy>. Therefore, I'm assuming the "strange" IP addy in the hosts list is
the same as the IP addy for my VPN router??

"Michael Giorgio - MS MVP" wrote:

> Hi Kate,
>
> You have received inaccurate advice. Because both DCs are
> from the same domain, once you get them communicating
> properly you should have the option to demote one of them
> using server manager. This is the only time you have this option
> in NT 4.0. I would open a dos prompt on both and run net
> accounts and check the computer role. If they are indeed both
> PDCs the role will be primary. Then I would check the local
> lmhosts file on each machine to make sure there are no offending
> entries. Next open the WINS database and sort by tcp/ip address
> and delete all mappings, including static mappings pertaining to
> both machines then reboot both of them. Keep in mind once both
> SAMS will not be merged, rather one of them will be discarded.
>
> "kate" <kate@discussions.microsoft.com> wrote in message news:
> > A long story, beginning 5/4/05 with the PDC doing an uninitialized reboot
> in
> > the a.m., which ultimately led to promoting the BDC to PDC (which did not
> > register with the old PDC since it could not be reached), then doing an
> ERD
> > on the old PDC, then using MS Article 196603 to fix C000000Df error on old
> > PDC after the ERD. That "fixed" that error, but now logon fails on the
> old
> > PDC, using any user name, including administrator, w/ msg to check user
> name
> > and password to be sure they're correct, etc. When the old PDC is off,
> the
> > newly promoted BDC Server Manager correctly IDs itself as the PDC and the
> old
> > PDC as the BDC. With the old PDC on, I cannot access Server Mgr. on the
> > newly promoted PDC, "Access denied". However, since I cannot log onto the
> > old PDC, I can't find out what's what on that machine. With the old PDC
> off,
> > WINS Manager on the newly promoted PDC (previous BDC) shows 15 mappings
> for
> > that IP address, including itself, the old PDC and the domain name, all
> > listed several times. (Since promoting the BDC to PDC, it now has the old
> > PDC's IP addy.) nbtstat -c shows one PC on the other subnet, a member
> server
> > and an XP machine on this subnet, all with <20> and a TTL of under 600
> secs.
> > nbtstat -n on the new PDC shows: <NewPDC> 00 unique; (NewPDC> 20 unique;
> > <DomainName> 00 Group; <DomainName> 1c Group; <DomainName> 1b unique;
> > <NewPDC> 03 Unique; Administrator 03 Unique; <DomainName> 1e Group;
> > <DomainName> 1d Unique; MS Browse 01 Group. I've been told the only fix is
> to
> > delete the old PDC's name and do a fresh op sys installation on that
> machine,
> > installing it as the BDC, naming it the same/old name as it had, then
> > promoting it to PDC after everything is running okay. Needless to say, I
> > would really, REALLY like to avoid reinstalling the op sys but am at a
> total
> > loss of what to try to fix this and am hoping for help here....or at least
> > some other ideas of what to try before giving up and doing a fresh
> > installation. As I said, this all started on 5/4, and I've been working
> on
> > it since then, so if you need more info, please let me know. I probably
> have
> > it but don't know what is necessary to post and what isn't. THANK YOU SO
> > MUCH FOR ANY HELP!
>
>
>

 

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

PS - At this time, the old PDC is NOT powered on. If I should turn it on,
let me know. Also, I have not yet followed your instructions RE deleting all
entries from the WINS database on the newly promoted PDC. If I should do
that regardless of what else is or isn't showing in whatever location or
after whatever command, let me know and I'll do so right away. (I'm no IT,
so please excuse my stumblings.)


"Michael Giorgio - MS MVP" wrote:

> Hi Kate,
>
> You have received inaccurate advice. Because both DCs are
> from the same domain, once you get them communicating
> properly you should have the option to demote one of them
> using server manager. This is the only time you have this option
> in NT 4.0. I would open a dos prompt on both and run net
> accounts and check the computer role. If they are indeed both
> PDCs the role will be primary. Then I would check the local
> lmhosts file on each machine to make sure there are no offending
> entries. Next open the WINS database and sort by tcp/ip address
> and delete all mappings, including static mappings pertaining to
> both machines then reboot both of them. Keep in mind once both
> SAMS will not be merged, rather one of them will be discarded.
>
> "kate" <kate@discussions.microsoft.com> wrote in message news:
> > A long story, beginning 5/4/05 with the PDC doing an uninitialized reboot
> in
> > the a.m., which ultimately led to promoting the BDC to PDC (which did not
> > register with the old PDC since it could not be reached), then doing an
> ERD
> > on the old PDC, then using MS Article 196603 to fix C000000Df error on old
> > PDC after the ERD. That "fixed" that error, but now logon fails on the
> old
> > PDC, using any user name, including administrator, w/ msg to check user
> name
> > and password to be sure they're correct, etc. When the old PDC is off,
> the
> > newly promoted BDC Server Manager correctly IDs itself as the PDC and the
> old
> > PDC as the BDC. With the old PDC on, I cannot access Server Mgr. on the
> > newly promoted PDC, "Access denied". However, since I cannot log onto the
> > old PDC, I can't find out what's what on that machine. With the old PDC
> off,
> > WINS Manager on the newly promoted PDC (previous BDC) shows 15 mappings
> for
> > that IP address, including itself, the old PDC and the domain name, all
> > listed several times. (Since promoting the BDC to PDC, it now has the old
> > PDC's IP addy.) nbtstat -c shows one PC on the other subnet, a member
> server
> > and an XP machine on this subnet, all with <20> and a TTL of under 600
> secs.
> > nbtstat -n on the new PDC shows: <NewPDC> 00 unique; (NewPDC> 20 unique;
> > <DomainName> 00 Group; <DomainName> 1c Group; <DomainName> 1b unique;
> > <NewPDC> 03 Unique; Administrator 03 Unique; <DomainName> 1e Group;
> > <DomainName> 1d Unique; MS Browse 01 Group. I've been told the only fix is
> to
> > delete the old PDC's name and do a fresh op sys installation on that
> machine,
> > installing it as the BDC, naming it the same/old name as it had, then
> > promoting it to PDC after everything is running okay. Needless to say, I
> > would really, REALLY like to avoid reinstalling the op sys but am at a
> total
> > loss of what to try to fix this and am hoping for help here....or at least
> > some other ideas of what to try before giving up and doing a fresh
> > installation. As I said, this all started on 5/4, and I've been working
> on
> > it since then, so if you need more info, please let me know. I probably
> have
> > it but don't know what is necessary to post and what isn't. THANK YOU SO
> > MUCH FOR ANY HELP!
>
>
>

 

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

More info that may or may not be helpful.
**I tried a repair on the old PDC, using No ERD disk but rather letting the
installation CD do a repair. Setup gave a msg. that it could not find a
previous installation of NT 4.0. (I know it's there!) This may be because
of the next
bit of info.
**I have a pair of harddisks, one was a mirror of the other
(although the mirror had been broken prior to this problem). When I boot
using VGA mode, it lists the partitions as G, K, L, C. The actual partitions
are C & E on Disk 0, D & F on Disk 1.
**As per another bit of info found on the internet, I tried a repair of only
the files: llasrv.dll, msv1_0.dll, samlib.dll, samsrv.dll, services.exe,
winlogon.exe, using copies of those files from the new PDC (promoted BDC).
After that, I again got the C00000Df error when trying to logon to the old
PDC. I "undid" that by doing another repair of those files from the old
PDC's ERD, which brought me back to the error to check user & domain names
and password when trying to logon .

"Michael Giorgio - MS MVP" wrote:

> Hi Kate,
>
> You have received inaccurate advice. Because both DCs are
> from the same domain, once you get them communicating
> properly you should have the option to demote one of them
> using server manager. This is the only time you have this option
> in NT 4.0. I would open a dos prompt on both and run net
> accounts and check the computer role. If they are indeed both
> PDCs the role will be primary. Then I would check the local
> lmhosts file on each machine to make sure there are no offending
> entries. Next open the WINS database and sort by tcp/ip address
> and delete all mappings, including static mappings pertaining to
> both machines then reboot both of them. Keep in mind once both
> SAMS will not be merged, rather one of them will be discarded.
>
> "kate" <kate@discussions.microsoft.com> wrote in message news:
> > A long story, beginning 5/4/05 with the PDC doing an uninitialized reboot
> in
> > the a.m., which ultimately led to promoting the BDC to PDC (which did not
> > register with the old PDC since it could not be reached), then doing an
> ERD
> > on the old PDC, then using MS Article 196603 to fix C000000Df error on old
> > PDC after the ERD. That "fixed" that error, but now logon fails on the
> old
> > PDC, using any user name, including administrator, w/ msg to check user
> name
> > and password to be sure they're correct, etc. When the old PDC is off,
> the
> > newly promoted BDC Server Manager correctly IDs itself as the PDC and the
> old
> > PDC as the BDC. With the old PDC on, I cannot access Server Mgr. on the
> > newly promoted PDC, "Access denied". However, since I cannot log onto the
> > old PDC, I can't find out what's what on that machine. With the old PDC
> off,
> > WINS Manager on the newly promoted PDC (previous BDC) shows 15 mappings
> for
> > that IP address, including itself, the old PDC and the domain name, all
> > listed several times. (Since promoting the BDC to PDC, it now has the old
> > PDC's IP addy.) nbtstat -c shows one PC on the other subnet, a member
> server
> > and an XP machine on this subnet, all with <20> and a TTL of under 600
> secs.
> > nbtstat -n on the new PDC shows: <NewPDC> 00 unique; (NewPDC> 20 unique;
> > <DomainName> 00 Group; <DomainName> 1c Group; <DomainName> 1b unique;
> > <NewPDC> 03 Unique; Administrator 03 Unique; <DomainName> 1e Group;
> > <DomainName> 1d Unique; MS Browse 01 Group. I've been told the only fix is
> to
> > delete the old PDC's name and do a fresh op sys installation on that
> machine,
> > installing it as the BDC, naming it the same/old name as it had, then
> > promoting it to PDC after everything is running okay. Needless to say, I
> > would really, REALLY like to avoid reinstalling the op sys but am at a
> total
> > loss of what to try to fix this and am hoping for help here....or at least
> > some other ideas of what to try before giving up and doing a fresh
> > installation. As I said, this all started on 5/4, and I've been working
> on
> > it since then, so if you need more info, please let me know. I probably
> have
> > it but don't know what is necessary to post and what isn't. THANK YOU SO
> > MUCH FOR ANY HELP!
>
>
>

 

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

I just found this while searching this site, posted by you: "If you created
a new PDC then your user accounts are gone unless you either have an existing
BDC or a ERD created using the /s switch to save the SAM and security files."

I did not use the /s switch when I created or update my ERD for the PDC. Is
that the problem? But then, why doesn't it work to use copies of those 6
security files from the acting PDC when doing a repair on the old PDC?
I have to leave this temporarily (other work duties call), but I have not
abandoned my post and WILL be back....and again, THANK YOU EVER SO MUCH!



"Michael Giorgio - MS MVP" wrote:

> Hi Kate,
>
> You have received inaccurate advice. Because both DCs are
> from the same domain, once you get them communicating
> properly you should have the option to demote one of them
> using server manager. This is the only time you have this option
> in NT 4.0. I would open a dos prompt on both and run net
> accounts and check the computer role. If they are indeed both
> PDCs the role will be primary. Then I would check the local
> lmhosts file on each machine to make sure there are no offending
> entries. Next open the WINS database and sort by tcp/ip address
> and delete all mappings, including static mappings pertaining to
> both machines then reboot both of them. Keep in mind once both
> SAMS will not be merged, rather one of them will be discarded.
>
> "kate" <kate@discussions.microsoft.com> wrote in message news:
> > A long story, beginning 5/4/05 with the PDC doing an uninitialized reboot
> in
> > the a.m., which ultimately led to promoting the BDC to PDC (which did not
> > register with the old PDC since it could not be reached), then doing an
> ERD
> > on the old PDC, then using MS Article 196603 to fix C000000Df error on old
> > PDC after the ERD. That "fixed" that error, but now logon fails on the
> old
> > PDC, using any user name, including administrator, w/ msg to check user
> name
> > and password to be sure they're correct, etc. When the old PDC is off,
> the
> > newly promoted BDC Server Manager correctly IDs itself as the PDC and the
> old
> > PDC as the BDC. With the old PDC on, I cannot access Server Mgr. on the
> > newly promoted PDC, "Access denied". However, since I cannot log onto the
> > old PDC, I can't find out what's what on that machine. With the old PDC
> off,
> > WINS Manager on the newly promoted PDC (previous BDC) shows 15 mappings
> for
> > that IP address, including itself, the old PDC and the domain name, all
> > listed several times. (Since promoting the BDC to PDC, it now has the old
> > PDC's IP addy.) nbtstat -c shows one PC on the other subnet, a member
> server
> > and an XP machine on this subnet, all with <20> and a TTL of under 600
> secs.
> > nbtstat -n on the new PDC shows: <NewPDC> 00 unique; (NewPDC> 20 unique;
> > <DomainName> 00 Group; <DomainName> 1c Group; <DomainName> 1b unique;
> > <NewPDC> 03 Unique; Administrator 03 Unique; <DomainName> 1e Group;
> > <DomainName> 1d Unique; MS Browse 01 Group. I've been told the only fix is
> to
> > delete the old PDC's name and do a fresh op sys installation on that
> machine,
> > installing it as the BDC, naming it the same/old name as it had, then
> > promoting it to PDC after everything is running okay. Needless to say, I
> > would really, REALLY like to avoid reinstalling the op sys but am at a
> total
> > loss of what to try to fix this and am hoping for help here....or at least
> > some other ideas of what to try before giving up and doing a fresh
> > installation. As I said, this all started on 5/4, and I've been working
> on
> > it since then, so if you need more info, please let me know. I probably
> have
> > it but don't know what is necessary to post and what isn't. THANK YOU SO
> > MUCH FOR ANY HELP!
>
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Your so welcome..

"kate" <kate@discussions.microsoft.com> wrote in message news:
> THANK YOU SO MUCH FOR RESPONDING!
> I can't log on to the old PDC, tells me system couldn't log me on. Make
> sure user name and domain are correct, passwords must be in correct case,
> check CAPS button.

Most likely because you've changed the password since the
ERD was created. Do you know when the ERD was created?
If so you may be able to determine your old password.

> On the new PDC (promoted BDC), net accounts shows it as PRIMARY. The
hosts
> list on the new PDC shows only 1 IP addy, which I don't recognize, but I
can
> successfully ping it and when I type nslookup <that IP addy>, it says it
> can't find server for address <my VPD router addy>: Non existant domain.
> Default servers are not available. Server: Unknown Address <my VPN
router
> addy>. Therefore, I'm assuming the "strange" IP addy in the hosts list is
> the same as the IP addy for my VPN router??

The hosts or the lmhosts file? We talking NT 4.0 or W2k or higher?

 

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

I've tried the password thing, to no avail. The ERD wasn't as current as it
should've been (4/8/05), but, at that date, I was using a blank password for
the administrator (to make it easier during hardware and network upgrades).
I've tried the blank password as well as the password I had prior to that.
I've tried every password I've ever had for any access to any network
resource or any application. Nothing works.

As for the hosts file: the "lmhosts" shows nothing except instructions/text
with # at the beginning of each line. The "hosts" file is where I found the
lone IP addy (which, by the way, has "localhost" after that addy. I
neglected to include that in my last post). All 3 network servers (old PDC,
current/promoted PDC and one member server) are running NT 4.0 Server, SP 6a

"Michael Giorgio - MS MVP" wrote:

> Your so welcome..
>
> "kate" <kate@discussions.microsoft.com> wrote in message news:
> > THANK YOU SO MUCH FOR RESPONDING!
> > I can't log on to the old PDC, tells me system couldn't log me on. Make
> > sure user name and domain are correct, passwords must be in correct case,
> > check CAPS button.
>
> Most likely because you've changed the password since the
> ERD was created. Do you know when the ERD was created?
> If so you may be able to determine your old password.
>
> > On the new PDC (promoted BDC), net accounts shows it as PRIMARY. The
> hosts
> > list on the new PDC shows only 1 IP addy, which I don't recognize, but I
> can
> > successfully ping it and when I type nslookup <that IP addy>, it says it
> > can't find server for address <my VPD router addy>: Non existant domain.
> > Default servers are not available. Server: Unknown Address <my VPN
> router
> > addy>. Therefore, I'm assuming the "strange" IP addy in the hosts list is
> > the same as the IP addy for my VPN router??
>
> The hosts or the lmhosts file? We talking NT 4.0 or W2k or higher?
>
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

I too have duties right now but I'll be back to
the forum to answer all of your posts. If you
created a new PDC or ran the installation and
chose PDC you have created a brand new
domain with the same name as your exsting
name. The problem being your user accounts
are gone.

"kate" <kate@discussions.microsoft.com> wrote in message
news:6DAFBE67-1BC0-4D10-AD0A-B77907FEF149@microsoft.com...
> I just found this while searching this site, posted by you: "If you
created
> a new PDC then your user accounts are gone unless you either have an
existing
> BDC or a ERD created using the /s switch to save the SAM and security
files."
>
> I did not use the /s switch when I created or update my ERD for the PDC.
Is
> that the problem? But then, why doesn't it work to use copies of those 6
> security files from the acting PDC when doing a repair on the old PDC?
> I have to leave this temporarily (other work duties call), but I have not
> abandoned my post and WILL be back....and again, THANK YOU EVER SO MUCH!
>
>
>
> "Michael Giorgio - MS MVP" wrote:
>
> > Hi Kate,
> >
> > You have received inaccurate advice. Because both DCs are
> > from the same domain, once you get them communicating
> > properly you should have the option to demote one of them
> > using server manager. This is the only time you have this option
> > in NT 4.0. I would open a dos prompt on both and run net
> > accounts and check the computer role. If they are indeed both
> > PDCs the role will be primary. Then I would check the local
> > lmhosts file on each machine to make sure there are no offending
> > entries. Next open the WINS database and sort by tcp/ip address
> > and delete all mappings, including static mappings pertaining to
> > both machines then reboot both of them. Keep in mind once both
> > SAMS will not be merged, rather one of them will be discarded.
> >
> > "kate" <kate@discussions.microsoft.com> wrote in message news:
> > > A long story, beginning 5/4/05 with the PDC doing an uninitialized
reboot
> > in
> > > the a.m., which ultimately led to promoting the BDC to PDC (which did
not
> > > register with the old PDC since it could not be reached), then doing
an
> > ERD
> > > on the old PDC, then using MS Article 196603 to fix C000000Df error on
old
> > > PDC after the ERD. That "fixed" that error, but now logon fails on
the
> > old
> > > PDC, using any user name, including administrator, w/ msg to check
user
> > name
> > > and password to be sure they're correct, etc. When the old PDC is
off,
> > the
> > > newly promoted BDC Server Manager correctly IDs itself as the PDC and
the
> > old
> > > PDC as the BDC. With the old PDC on, I cannot access Server Mgr. on
the
> > > newly promoted PDC, "Access denied". However, since I cannot log onto
the
> > > old PDC, I can't find out what's what on that machine. With the old
PDC
> > off,
> > > WINS Manager on the newly promoted PDC (previous BDC) shows 15
mappings
> > for
> > > that IP address, including itself, the old PDC and the domain name,
all
> > > listed several times. (Since promoting the BDC to PDC, it now has the
old
> > > PDC's IP addy.) nbtstat -c shows one PC on the other subnet, a member
> > server
> > > and an XP machine on this subnet, all with <20> and a TTL of under 600
> > secs.
> > > nbtstat -n on the new PDC shows: <NewPDC> 00 unique; (NewPDC> 20
unique;
> > > <DomainName> 00 Group; <DomainName> 1c Group; <DomainName> 1b unique;
> > > <NewPDC> 03 Unique; Administrator 03 Unique; <DomainName> 1e Group;
> > > <DomainName> 1d Unique; MS Browse 01 Group. I've been told the only
fix is
> > to
> > > delete the old PDC's name and do a fresh op sys installation on that
> > machine,
> > > installing it as the BDC, naming it the same/old name as it had, then
> > > promoting it to PDC after everything is running okay. Needless to
say, I
> > > would really, REALLY like to avoid reinstalling the op sys but am at a
> > total
> > > loss of what to try to fix this and am hoping for help here....or at
least
> > > some other ideas of what to try before giving up and doing a fresh
> > > installation. As I said, this all started on 5/4, and I've been
working
> > on
> > > it since then, so if you need more info, please let me know. I
probably
> > have
> > > it but don't know what is necessary to post and what isn't. THANK YOU
SO
> > > MUCH FOR ANY HELP!
> >
> >
> >

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

"kate" <kate@discussions.microsoft.com> wrote in message news:
> I've tried the password thing, to no avail. The ERD wasn't as current as
> it
> should've been (4/8/05), but, at that date, I was using a blank password
> for
> the administrator (to make it easier during hardware and network
> upgrades).
> I've tried the blank password as well as the password I had prior to that.
> I've tried every password I've ever had for any access to any network
> resource or any application. Nothing works.
>
> As for the hosts file: the "lmhosts" shows nothing except
> instructions/text
> with # at the beginning of each line. The "hosts" file is where I found
> the
> lone IP addy (which, by the way, has "localhost" after that addy. I
> neglected to include that in my last post). All 3 network servers (old
> PDC,
> current/promoted PDC and one member server) are running NT 4.0 Server, SP
> 6a

Okay shouldn't be a problem as long as the localhost
is pointing towards 127.1.1.1

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

"kate" <kate@discussions.microsoft.com> wrote in message news:
> PS - At this time, the old PDC is NOT powered on. If I should turn it on,
> let me know. Also, I have not yet followed your instructions RE deleting
> all
> entries from the WINS database on the newly promoted PDC. If I should do
> that regardless of what else is or isn't showing in whatever location or
> after whatever command, let me know and I'll do so right away. (I'm no
> IT,
> so please excuse my stumblings.)
No problem. The new PDC was a BDC that was promoted to
primary at one point without the original PDC?

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Hmmm I see. Now the question is how do you get
the old PDC back up and running as your BDC.
You could do a search on the internet for a utility
to recover the administrator password; there are
plenty of them out there.

"kate" <kate@discussions.microsoft.com> wrote in message news:
> More info that may or may not be helpful.
> **I tried a repair on the old PDC, using No ERD disk but rather letting
> the
> installation CD do a repair. Setup gave a msg. that it could not find a
> previous installation of NT 4.0. (I know it's there!) This may be
> because
> of the next
> bit of info.
> **I have a pair of harddisks, one was a mirror of the other
> (although the mirror had been broken prior to this problem). When I boot
> using VGA mode, it lists the partitions as G, K, L, C. The actual
> partitions
> are C & E on Disk 0, D & F on Disk 1.
> **As per another bit of info found on the internet, I tried a repair of
> only
> the files: llasrv.dll, msv1_0.dll, samlib.dll, samsrv.dll, services.exe,
> winlogon.exe, using copies of those files from the new PDC (promoted BDC).
> After that, I again got the C00000Df error when trying to logon to the old
> PDC. I "undid" that by doing another repair of those files from the old
> PDC's ERD, which brought me back to the error to check user & domain names
> and password when trying to logon .
>

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

"kate" <kate@discussions.microsoft.com> wrote in message news:
>I just found this while searching this site, posted by you: "If you
>created
> a new PDC then your user accounts are gone unless you either have an
> existing
> BDC or a ERD created using the /s switch to save the SAM and security
> files."
>
> I did not use the /s switch when I created or update my ERD for the PDC.
> Is
> that the problem? But then, why doesn't it work to use copies of those 6
> security files from the acting PDC when doing a repair on the old PDC?
> I have to leave this temporarily (other work duties call), but I have not
> abandoned my post and WILL be back....and again, THANK YOU EVER SO MUCH!

The six files are the SAM and security files. You could copy the
contents of the C:\Winnt\system32\config folder on your good
PDC and paste into the same directory on your old PDC or
choose the /repair folder on your BDC assuming you ran the
ERD on the BDC or just run the ERD with the /s switch and
the program will create the repair folder on the root of C:\.

 

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

.. If you
> created a new PDC or ran the installation and
> chose PDC you have created a brand new
> domain with the same name as your exsting
> name. The problem being your user accounts
> are gone.

I did do a new install to the secondary hard drive, leaving the original "C
drive" as it was. Is that the same as a fresh installation with the same
results? If not, should I just do a fresh install? I haven't been able to
make anything else work so far.

>
> "kate" <kate@discussions.microsoft.com> wrote in message
> news:6DAFBE67-1BC0-4D10-AD0A-B77907FEF149@microsoft.com...
> > I just found this while searching this site, posted by you: "If you
> created
> > a new PDC then your user accounts are gone unless you either have an
> existing
> > BDC or a ERD created using the /s switch to save the SAM and security
> files."
> >
> > I did not use the /s switch when I created or update my ERD for the PDC.
> Is
> > that the problem? But then, why doesn't it work to use copies of those 6
> > security files from the acting PDC when doing a repair on the old PDC?
> > I have to leave this temporarily (other work duties call), but I have not
> > abandoned my post and WILL be back....and again, THANK YOU EVER SO MUCH!
> >
> >
> >
> > "Michael Giorgio - MS MVP" wrote:
> >
> > > Hi Kate,
> > >
> > > You have received inaccurate advice. Because both DCs are
> > > from the same domain, once you get them communicating
> > > properly you should have the option to demote one of them
> > > using server manager. This is the only time you have this option
> > > in NT 4.0. I would open a dos prompt on both and run net
> > > accounts and check the computer role. If they are indeed both
> > > PDCs the role will be primary. Then I would check the local
> > > lmhosts file on each machine to make sure there are no offending
> > > entries. Next open the WINS database and sort by tcp/ip address
> > > and delete all mappings, including static mappings pertaining to
> > > both machines then reboot both of them. Keep in mind once both
> > > SAMS will not be merged, rather one of them will be discarded.
> > >
> > > "kate" <kate@discussions.microsoft.com> wrote in message news:
> > > > A long story, beginning 5/4/05 with the PDC doing an uninitialized
> reboot
> > > in
> > > > the a.m., which ultimately led to promoting the BDC to PDC (which did
> not
> > > > register with the old PDC since it could not be reached), then doing
> an
> > > ERD
> > > > on the old PDC, then using MS Article 196603 to fix C000000Df error on
> old
> > > > PDC after the ERD. That "fixed" that error, but now logon fails on
> the
> > > old
> > > > PDC, using any user name, including administrator, w/ msg to check
> user
> > > name
> > > > and password to be sure they're correct, etc. When the old PDC is
> off,
> > > the
> > > > newly promoted BDC Server Manager correctly IDs itself as the PDC and
> the
> > > old
> > > > PDC as the BDC. With the old PDC on, I cannot access Server Mgr. on
> the
> > > > newly promoted PDC, "Access denied". However, since I cannot log onto
> the
> > > > old PDC, I can't find out what's what on that machine. With the old
> PDC
> > > off,
> > > > WINS Manager on the newly promoted PDC (previous BDC) shows 15
> mappings
> > > for
> > > > that IP address, including itself, the old PDC and the domain name,
> all
> > > > listed several times. (Since promoting the BDC to PDC, it now has the
> old
> > > > PDC's IP addy.) nbtstat -c shows one PC on the other subnet, a member
> > > server
> > > > and an XP machine on this subnet, all with <20> and a TTL of under 600
> > > secs.
> > > > nbtstat -n on the new PDC shows: <NewPDC> 00 unique; (NewPDC> 20
> unique;
> > > > <DomainName> 00 Group; <DomainName> 1c Group; <DomainName> 1b unique;
> > > > <NewPDC> 03 Unique; Administrator 03 Unique; <DomainName> 1e Group;
> > > > <DomainName> 1d Unique; MS Browse 01 Group. I've been told the only
> fix is
> > > to
> > > > delete the old PDC's name and do a fresh op sys installation on that
> > > machine,
> > > > installing it as the BDC, naming it the same/old name as it had, then
> > > > promoting it to PDC after everything is running okay. Needless to
> say, I
> > > > would really, REALLY like to avoid reinstalling the op sys but am at a
> > > total
> > > > loss of what to try to fix this and am hoping for help here....or at
> least
> > > > some other ideas of what to try before giving up and doing a fresh
> > > > installation. As I said, this all started on 5/4, and I've been
> working
> > > on
> > > > it since then, so if you need more info, please let me know. I
> probably
> > > have
> > > > it but don't know what is necessary to post and what isn't. THANK YOU
> SO
> > > > MUCH FOR ANY HELP!
> > >
> > >
> > >
>
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

"Michael Giorgio - MS MVP" <Michael.Giorgio@NoSpam.mayerson.com> wrote in
message news:...
> I too have duties right now but I'll be back to
> the forum to answer all of your posts. If you
> created a new PDC or ran the installation and
> chose PDC you have created a brand new
> domain with the same name as your exsting
> name. The problem being your user accounts
> are gone.
>
> "kate" <kate@discussions.microsoft.com> wrote in message
> news:6DAFBE67-1BC0-4D10-AD0A-B77907FEF149@microsoft.com...
> > I just found this while searching this site, posted by you: "If you
> created
> > a new PDC then your user accounts are gone unless you either have an
> existing
> > BDC or a ERD created using the /s switch to save the SAM and security
> files."
> >
> > I did not use the /s switch when I created or update my ERD for the PDC.
> Is
> > that the problem? But then, why doesn't it work to use copies of those
6
> > security files from the acting PDC when doing a repair on the old PDC?
> > I have to leave this temporarily (other work duties call), but I have
not
> > abandoned my post and WILL be back....and again, THANK YOU EVER SO MUCH!
> >
It should. Copy them to a diskette then
run the NT install again and choose the
repair from SAM option then point towards
the diskette.

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Yes you created a new domain with the same name
as your existing. Look at another response I just sent
to your previous post and see if you can get that to
work for you.
"kate" <kate@discussions.microsoft.com> wrote in message news:
>
> I did do a new install to the secondary hard drive, leaving the original
"C
> drive" as it was. Is that the same as a fresh installation with the same
> results? If not, should I just do a fresh install? I haven't been able
to
> make anything else work so far.

 

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

You are wonderful!! For some reason, it took a couple tries, but it worked
and the old PDC is back in the domain and is accessible. However, now I have
two PDC's since I had previously promoted the BDC to PDC. Do I now just
demote the promoted BDC back to BDC?

"Michael Giorgio - MS MVP" wrote:

>
> "Michael Giorgio - MS MVP" <Michael.Giorgio@NoSpam.mayerson.com> wrote in
> message news:...
> > I too have duties right now but I'll be back to
> > the forum to answer all of your posts. If you
> > created a new PDC or ran the installation and
> > chose PDC you have created a brand new
> > domain with the same name as your exsting
> > name. The problem being your user accounts
> > are gone.
> >
> > "kate" <kate@discussions.microsoft.com> wrote in message
> > news:6DAFBE67-1BC0-4D10-AD0A-B77907FEF149@microsoft.com...
> > > I just found this while searching this site, posted by you: "If you
> > created
> > > a new PDC then your user accounts are gone unless you either have an
> > existing
> > > BDC or a ERD created using the /s switch to save the SAM and security
> > files."
> > >
> > > I did not use the /s switch when I created or update my ERD for the PDC.
> > Is
> > > that the problem? But then, why doesn't it work to use copies of those
> 6
> > > security files from the acting PDC when doing a repair on the old PDC?
> > > I have to leave this temporarily (other work duties call), but I have
> not
> > > abandoned my post and WILL be back....and again, THANK YOU EVER SO MUCH!
> > >
> It should. Copy them to a diskette then
> run the NT install again and choose the
> repair from SAM option then point towards
> the diskette.
>
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Good to hear. You have hit the sweet spot (so to speak)
the *only* occasion where you have the option to demote
a PDC in NT 4.0 is a situation like yours. The "promote to
primary" option in server manager actually changes to "demote
to backup". Decide which one has the most recent copy of the
SAM then demote the other BDC. Keep in mind the two SAMs
will not be merged, one of them will be discarded.

"kate" <kate@discussions.microsoft.com> wrote in message news:
> You are wonderful!! For some reason, it took a couple tries, but it
worked
> and the old PDC is back in the domain and is accessible. However, now I
have
> two PDC's since I had previously promoted the BDC to PDC. Do I now just
> demote the promoted BDC back to BDC?
>

 

[Kate]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

How do I determine which machine has the most recent SAM?

"Michael Giorgio - MS MVP" wrote:

> Good to hear. You have hit the sweet spot (so to speak)
> the *only* occasion where you have the option to demote
> a PDC in NT 4.0 is a situation like yours. The "promote to
> primary" option in server manager actually changes to "demote
> to backup". Decide which one has the most recent copy of the
> SAM then demote the other BDC. Keep in mind the two SAMs
> will not be merged, one of them will be discarded.
>
> "kate" <kate@discussions.microsoft.com> wrote in message news:
> > You are wonderful!! For some reason, it took a couple tries, but it
> worked
> > and the old PDC is back in the domain and is accessible. However, now I
> have
> > two PDC's since I had previously promoted the BDC to PDC. Do I now just
> > demote the promoted BDC back to BDC?
> >
>
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Which one has been acting as the PDC most recently e.g.,
all changes are made on the PDC. The most recent PDC
will have the most recent changes.
"kate" <kate@discussions.microsoft.com> wrote in message news:
> How do I determine which machine has the most recent SAM?
>