Thorsten Schmitt
03-18-2004, 03:47 PM
Hi there,
I have the following problem with ALL NT4 clients in our domain. The domain
is a W2K ADS native mode.
They cannot authenticate with the domain controllers.
I can join the comouter to the domain without any problem. but...
Trying to authenticate in the domain fails with a "known" message: computer
account does not exist in the primary domain.....
In the event Log I get Error 3210 / Netlogon.
Every hint in the kb or web does not match my problem.
Testing with NLTEST or anything like that seems to be ok. These descriptions
would macht for one client, but not for ALL nt4 clients. We had the problem
some months ago and could "resoolve" it by upgrading the clients to w2K. But
not there are some clients coming from a migrated domain with NT4 clients
that need to stay installed with nt4 :-(
I would suppose there is a problem with misconfigured polices in the default
domain policy that does not allow NT4 computer to authenticate with NTLM2
(yes, they all have SP5 at least). But I unchecked all the polices to "not
configured" in default domain policy or default domain controllers policy,
but the problem stillt persist.
Any ideas, hints or maybe similar problems?
Thanks and regards
Thorsten Schmitt
I have the following problem with ALL NT4 clients in our domain. The domain
is a W2K ADS native mode.
They cannot authenticate with the domain controllers.
I can join the comouter to the domain without any problem. but...
Trying to authenticate in the domain fails with a "known" message: computer
account does not exist in the primary domain.....
In the event Log I get Error 3210 / Netlogon.
Every hint in the kb or web does not match my problem.
Testing with NLTEST or anything like that seems to be ok. These descriptions
would macht for one client, but not for ALL nt4 clients. We had the problem
some months ago and could "resoolve" it by upgrading the clients to w2K. But
not there are some clients coming from a migrated domain with NT4 clients
that need to stay installed with nt4 :-(
I would suppose there is a problem with misconfigured polices in the default
domain policy that does not allow NT4 computer to authenticate with NTLM2
(yes, they all have SP5 at least). But I unchecked all the polices to "not
configured" in default domain policy or default domain controllers policy,
but the problem stillt persist.
Any ideas, hints or maybe similar problems?
Thanks and regards
Thorsten Schmitt