- If you need clarification, ask it in the comment box above.
- Better answers use proper spelling and grammar.
- Provide details, support with references or personal experience.
Tell us some more! Your answer needs to include more details to help people.You can't post answers that contain an email address.Please enter a valid email address.The email address entered is already associated to an account.Login to postPlease use English characters only.
Tip: The max point reward for answering a question is 15.
This behavior can occur for any of the following reasons:
Your password list (.pwl) file is damaged.
A service or program that loads during the startup process conflicts with another service or program.
You are using user profiles.
There is a hardware conflict on your computer.
A hardware driver on your computer is missing or damaged.
If profiles are enabled, Windows may not be able to contact the primary domain controller's Netlogon share when looking for a Config.pol file. (Windows checks for a Config.pol file even if policies are not used.)
Your primary domain controller (PDC) is not local to your Windows 95 or Windows 98 clients.
By using the os (Windows Server, UNIX, etc) it will ask during setup if you want to make this a domain controller. Remember, networks can only 1 primary domain controller (PDC) but many backup domain controllers (BDC) choose correctly as well....BDC can be promoted to PDC. PDC have to have a reinstall.
first you need to setup the roles in the server, go to the manage server console, ( can be found as a shortcut in the taskbar or under start menu ) then open the console and go to add roles.
1 - add active directory
2 - in the process it will ask you to install the DNS server role ( do it )
3 - after installing the role in the CMD command prompt type DCPROMO
4 - the DC controller installation and setup will beging ( do not do anything during this proccess )
5 - when asked by DC setup to choose what type of domain functionality level do the following
1 - windows 2003 ( this is for compatibility for windows server running 2003 and XP machines )
2 - Windows Server 2008 ( at this point nothing lower than XP can be added to the DC of course domain functionalities will increase - Only other 2008 server domain controller can be added and cluster migration from server 2003 to 2008 is not supported. )
3 - Windows Server 2008 R2 ( at this point only machines running Vista and 7 can be added to domain - windows xp is no longer supported. All the functionalities of the domain controller are available)
keep in mind once you promote the domain controller to a higher level it can't be brouht to a lower level.
once active directory is installed restart you server and the you should be able to add the clients pc or laptos to the DC example
- right click over my computer icon - click on properties - computer name - change the computer from workgroup to domain - type your FQDN ( fully qualified domain name) example: mynetwork.local or mysite.com - apply changes and restart - your computer will be part of the domain next time system boots up.
There are two basic types of DNS - primary DNS and secondary DNS, which are generally applied to each newly registered domain. They are name server computers where the record of your domain name is stored. The information on both servers is identical. The two DNS values are usually configured by your ISPor hosting provider and given to you as a very important part of your domain registration order details.
In general, domain names can work with only one name server - the primary DNS. However, practice has shown that a domain name needs to have at least two name servers assigned in order to be available at any time. In case there is a problem with the primary name server, the secondary name server will be able to answer the online request for a particular domain. This back-up requirement has turned into an accepted Internet standard that prevents domain names from going offline.
The resolution and workaround to solve the error is as below.
Login to the Windows 2003 domain controller, and delete the computer account object from the Active Directory by using Microsoft Management Console (MMC) which you can always access from “Manage Your Server”.
Log-in to the PC workstation as local administrator. If you cannot logon as local administrator, try to unplug the network cable and logon to the computer by using a domain administrator user that used to logon on the PC before, by using cached logon credentials feature.
Go to Control Panel, then click on System icon, then go to Computer Name tab.
Unjoin the computer from the domain by clicking on “Change”. You should see that Domain button is now selected. Remember your domain name in the text box. Select (Click) on “Workgroup” to remove the computer from the domain, and put any workgroup name in the text box (e.g. workgroup).
Click OK to exit.
Restart the computer (optional)
Go back to the Control Panel, launch System properties and then go to Computer Name tab, and click on “Change”.
Rejoin the domain by uncheck the Workgroup button and select (check) Domain button, and put in the domain name noted above into the text box.
Click OK to exit.
Reboot the PC.
This should solve the unable to logon to domain error, without changing or losing the user profiles on AD.
An application directory partition is represented by a domainDNS object with an instanceType attribute value of DS_INSTANCETYPE_IS_NC_HEAD combined with DS_INSTANCETYPE_NC_IS_WRITEABLE. This domainDNS object represents the application directory partition root (NC head), and is named similar to a regular domain partition, for example, "DC=dynamicdata,DC=fabrikam,DC=com", which corresponds to a DNS name of "dynamicdata.fabrikam.com". An application directory partition can, therefore, be instantiated anywhere a domain partition can be instantiated. There is no NetBIOS name associated with an application directory partition.
It is possible to nest application directory partitions, that is, an application directory partition can have child application directory partitions. Searches with subtree scope rooted at an application directory partition head will generate continuation references to the child application directory partitions.
An application directory partition replica can only be created on a domain controller that is running on Windows Server 2003 and later and only while the Domain-Naming FSMO role is held by a Windows Server 2003 and later domain controller. In a mixed forest that has both Windows Server 2003 domain controllers and down-level domain controllers (Windows 2000 domain controllers or Windows NT 4.0 primary domain controllers), an attempt to create an application directory partition replica on a down-level domain controller will fail.
An application directory partition also has a corresponding crossRef object in the Partitions container of the configuration partition. The crossRef can be pre-created manually before creating the domainDNS object. The pre-created crossRef object must have the attribute values shown in the following table or the partition creation will fail. If the crossRef object does not exist, the Active Directory server will create one when the application directory partition is created.
* see netlogon service is running on the server
* verify the srv record on the server
( http://support.microsoft.com/kb/816587 )
*see all authentication on the DC
*check the event viewer if any error is occured
*veryfy the DC