Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Shaun E on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

account lockouts/PC's having permission problems

Status
Not open for further replies.
formermarine

formermarine

IS-IT--Management
Apr 3, 2002
27
US
I have had problems with computers getting removed from AD without anyone touching them. This has caused users to not be able to log into the domain. Any idea as to what could be causing this? Below you will see the event type and id.

Thank you,

Carlos




Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 675


 
Sort by date Sort by votes
I ran into a similar situation once before and wrote an FAQ on the experience since I worked closely with a MS Support Engineer on it. faq96-4733

Take a careful look at all of your DCs logs and verify you are not haveing replication issues.

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
Thank you Mark! That is very helpful but unfortunately my role with this company has limitations so I am not able to perform some of the tasks recommended. I have noticed some problems like the one I mentioned as well as Outlook trying to connect to an exchange server. You mentioned replication issues and I found that there are replication issues in the event viewer. My manager has requested that I provide her with some sort of white paper indicating that the replication problems come from the DNS which is what I am suspecting. Below is one of the error messages in the event viewer.

Active Directory was unable to establish a connection with the global catalog.

Additional Data
Error value:
1792 An attempt was made to logon, but the network logon service
was not started.
Internal ID:
3200caf

here is another one.

The Knowledge Consistency Checker (KCC) has detected problems
with the following directory partition.

Directory partition:
DC=dmz129,DC=dmz,DC=xxxxxxxx,DC=net

There is insufficient site connectivity information in Active Directory
Sites and Services for the KCC to create a spanning tree replication
topology. Or, one or more domain controllers with this directory partition
are unable to replicate the directory partition information. This is
probably due to inaccessible domain controllers.

What do you think? Does it seem like a DNS problem? If so, where can I find documentation to support this.
 
Upvote 0 Downvote
Run DCDIAG and NETDIAG from each server. Those reports will tell you if you are having DNS issues or not.

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
987
goombawaho
goombawaho
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
884
DrB0b
DrB0b
shmoes
  • Locked
  • Question
Delegating file admin permission
Replies
3
Views
321
SamBones
SamBones
DTGMI
  • Locked
  • Question
Strange 2008 R2 AD login lockouts!
Replies
1
Views
212
DrB0b
DrB0b
Kiwica
  • Locked
  • Question
Locked out domain account
Replies
4
Views
314
Kiwica
Kiwica

Part and Inventory Search

Sponsor

Back
Top