none
Currently No Logon Servers Avallable error when using powershell command Reset-ComputerMachinePassword

    Question

  • Hi All

    I have a computer (Windows 7) that was on a windows 2003 server that I have moved to a windows 2008 server, the domain name is the same and the users login is the same but I get a trust relationship error when they i try to logon. I tried to run the Reset-ComputerMachinePassword in powershell but I get the error

    There are Currently No Logon Severs Avallable to Service the Logon Request

    Is there something else I have to reset first to get this to work? I would just take it of the domain and then put it back on but it does not use the same directory in users for the account so it looses all of its setting.

    Thank you

    Tuesday, April 10, 2012 1:38 PM

Answers

All replies

  • Hello,

    was the Windows server 2008 added to the exiting domain or did you install a new DC with the old domain name? If the latter then the machine must be added to the new domain BEFORE you can work with it.

    If the first option please assure that the new DC is also GC and DNS server and that the domain machines are configured to use this one on the NIC and NOT any other DNS server like tyour ISPs one.

    Please post an unedited ipconfig /all from the old and new DC and the client having problems.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Tuesday, April 10, 2012 1:42 PM
  • Hello,

    Do you mean that you have a secure channel issue? If yes, see that: http://support.microsoft.com/kb/979495

    Also, make sure that your computer is pointing to the correct internal DNS server as primary DNS server. What if you unjoin and join again the computer to your AD domain?

    If the secure channel issues persists then run dcdiag on your DCs to check that there is no replication issue.

    If this is a new domain then you have to join the computer to it.

    Please detail more your issue so that we can understand you correctly.


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer


    • Edited by Mr XMVP Tuesday, April 10, 2012 1:47 PM
    Tuesday, April 10, 2012 1:46 PM
  • Hi Meinolf

    Thank you for the quick response, Yes it is a new DC with the old domain name. Is there no way to get around re-adding it to the domain as it does not use the same user settings when rejoined? ie old server the user directoy in windows 7 was the username with the new server it is username.domain


    • Edited by Tony1092 Tuesday, April 10, 2012 1:50 PM
    Tuesday, April 10, 2012 1:49 PM
  • Hello again,

    So you created a new domain with the same name as the old one?

    Since this is the case then note that you will have to join all computers to the new domain and create user accounts for all users you have if you are planning to use the new AD domain instead of the old one. Note here that you will lose access to resources based on the use of old SIDs.

    What are trying to do exactly? Is it upgrading to AD DS 2008 / 2008 R2? If yes, refer to that: http://technet.microsoft.com/en-us/library/cc731188%28v=WS.10%29.aspx

    If you want to migrate to a new AD environment then you can consider using ADMT for migration: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=19188

    Here, note that source and destination domains should have:

    • Different SIDs
    • Different DNS names
    • Different NetBIOS names

    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer

    Tuesday, April 10, 2012 1:56 PM
  • Hi Mr X

    I had a small windows 2003 server setup that has been used for some internal development, we have just installed a 2008 R2 network for the whole company and I wanted to take  One of the computers from the old network to the new one, I was hopeing that I could recreate the trusts on the windows 7 machine without re-adding it to the new domian as it has a lot of programs and information stored on it that would have to be re-installed as 2008 network doesn't use the current user directoy.

    If there is no way of re-createing the trusts or getting it to use the current user information then I guess I will have to re-install.

    Thank You

    Tuesday, April 10, 2012 2:28 PM
  • Hi Meinolf

    Thank you for the quick response, Yes it is a new DC with the old domain name. Is there no way to get around re-adding it to the domain as it does not use the same user settings when rejoined? ie old server the user directoy in windows 7 was the username with the new server it is username.domain


    Hello,

    with the same name you still have created a new SID and MUST rejoin the client to the new domain. Also user accounts will NOT be able to use the old profile folder, instead a new one will be created as you see with username.domain.

    You cann copy after new creation the old content via System properties, Advanced tab, User Profiles, Settings Button to the new created profile with an Administrator account. This should help to keep the settings.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Tuesday, April 10, 2012 3:58 PM
  • If there is no way of re-createing the trusts or getting it to use the current user information then I guess I will have to re-install.

    Thank You

    Hello,

    NO, the new server must be added to the existig domain to achieve the copying from AD and using the "old" accounts on the new server. See here about adding new OS DCs to an existing domain:

    http://msmvps.com/blogs/mweber/archive/2010/02/10/upgrading-an-active-directory-domain-from-windows-server-2003-to-windows-server-2008-or-windows-server-2008-r2.aspx


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    • Proposed as answer by Rick TanModerator Wednesday, April 11, 2012 8:15 AM
    • Marked as answer by Tony1092 Wednesday, April 11, 2012 10:18 AM
    Tuesday, April 10, 2012 4:01 PM
  • I would agree with Meinolf.

    See my suggested article in my previous reply for upgrading to AD DS 2008 / 2008 R2.

    Once upgraded, you will be able to introduce 2008 / 2008 R2 DCs with no problems.


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer

    Tuesday, April 10, 2012 4:14 PM
  • Since the the you have created new server in new domain(using old domain name).You need to disjoin the PC from domain and join again to domain.

    Also more important is you need to reconfigure the profile.You need to lgin with user id the new profile will be created then login with local admin copy the desltop,mydoc,faviroutes from old profile to new profile.Once done you need to reconfigure outlook profile if any and map printers,map drives(if manaully mapped in prevoius profile.

    If possible as other mentioned configure the server as additional DC to get rid of above step.
    http://social.technet.microsoft.com/wiki/contents/articles/migrating-active-directory-domain-controller-from-windows-server-2003-to-windows-server-2008.aspx
    http://www.elmajdal.net/win2k8/migrating_active_directory_domain_controller_from_windows_server_2003_to_windows_server_2008.aspx

    Hope this helps


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Tuesday, April 10, 2012 4:40 PM
  • Hi All

    Thank you for your replies, I think I am going to start again and do as you all suggest and migrate the information from the old server to the new.

    Wednesday, April 11, 2012 10:18 AM