G
Guest
Guest
Archived from groups: microsoft.public.windowsnt.domain (More info?)
A client has a problem with the updating of the SAM database on a remote BDC.
This generally manifests itself when a user is aked to change password but
the attempt fails with the error "No domain controller was available..."
The event log on the BDC reports netlogon errors 5719 and 3096 (again,
indicating that the domain controller cannot be found). Starting and stopping
the netlogon service reproduces these.
Administration using Server Manager or User Manager via the BDC fails as it
cannot communicate with the PDC.
All other communication over the remote link (formerly a dedicated leased
line but now a VPN over an ASDL connection) is fine. No problem mapping
drives, connecting to Exchange Server on the PDC etc.
I've trailed through the MSKB for any reference to the above messages but
nothing I've tried helps. As a temporary measure, and in order to prevent the
remote users from suddenly being locked out of the system when they can't
change their passwords, I've promoted the BDC to a PDC so that I could edit
the SAM and stop their passwords expiring. (Obviously, the original PDC is
still a PDC due to the lack of communication between the two during this
process). I've also edited the SAM on the original PDC so that the remote
users have the same passwords which do not expire. This then allows them to
connect to their email accounts.
With this temporary measure, the users do not see any difference but I need
some advice on how to fix what I presume is a problem with the netlogon
service on the BDC. With a complete re-install beingthe last option does
anyone have any suggestions?
Both servers are running NT 4 Server, with up-to-date server packs and
patches. They are linked through Symantec 300 gateways and ZyXel Prestige
ADSL routers.
A client has a problem with the updating of the SAM database on a remote BDC.
This generally manifests itself when a user is aked to change password but
the attempt fails with the error "No domain controller was available..."
The event log on the BDC reports netlogon errors 5719 and 3096 (again,
indicating that the domain controller cannot be found). Starting and stopping
the netlogon service reproduces these.
Administration using Server Manager or User Manager via the BDC fails as it
cannot communicate with the PDC.
All other communication over the remote link (formerly a dedicated leased
line but now a VPN over an ASDL connection) is fine. No problem mapping
drives, connecting to Exchange Server on the PDC etc.
I've trailed through the MSKB for any reference to the above messages but
nothing I've tried helps. As a temporary measure, and in order to prevent the
remote users from suddenly being locked out of the system when they can't
change their passwords, I've promoted the BDC to a PDC so that I could edit
the SAM and stop their passwords expiring. (Obviously, the original PDC is
still a PDC due to the lack of communication between the two during this
process). I've also edited the SAM on the original PDC so that the remote
users have the same passwords which do not expire. This then allows them to
connect to their email accounts.
With this temporary measure, the users do not see any difference but I need
some advice on how to fix what I presume is a problem with the netlogon
service on the BDC. With a complete re-install beingthe last option does
anyone have any suggestions?
Both servers are running NT 4 Server, with up-to-date server packs and
patches. They are linked through Symantec 300 gateways and ZyXel Prestige
ADSL routers.