Sign in with
Sign up | Sign in
Your question

How to re-join NT domain from XP ws and not lose user's pr..

Last response: in Windows 2000/NT
Share
Anonymous
October 18, 2004 11:01:09 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

I've NEVER seen this answered completely and correctly. I hope it can be
here. It is an important topic for network administrators like myself:

I've recently replaced and NT4 PDC. The trust relationships with the
workstations were broken and have to be recreated. What is the proper way to
do this so that the user's profile and profile_path are retained?

From my experience, if you remove the PC from the domain and then rejoin it
the user will have a new locally cached profile_path created called
username.domain (or username.domain.000 if the username was first using a
profile_path of username).

I've gotten around this somewhat by resetting security on the user's
previous profile path and then editing the registry key under
HKLM/Software/MicroSoft/Windows NT/Current Version/Profile List/[user's sid].
But, this doesn't seem correct. Especially since MS Outlook prompts for the
user's email account password the next time it is launched.

I've also played with the NETDOM.exe tool from the XP support tools from one
workstations, but had not much luck. Should I be using the netdom.exe tool
from the server (the NT version)? Is this tool still available now that the
NT Resource Kit has been discontinued?

Help! This is a very troublesome issue that I cannot seem to find a
definitive answer to. Thanks a ton to the genius who shed's light on it for
me.

Much thanks! -- JS

More about : join domain lose user

Anonymous
October 19, 2004 4:38:53 AM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

You should try the method here.
http://support.microsoft.com/default.aspx?scid=kb;en-us;216393

This assumes that by replacing your NT4 PDC, what you mean is you promoted
an existing NT4 BDC to PDC status.
Trust relationships should not get broken in this scenerio, but it can and
does happen. Its NT4 ;-)

If all you had was the PDC, and no BDCs, and you replaced the PDC, then the
above method will not work.
In this case, you essentailly rebuilt your domain with all new user accounts
and computer accounts. They all may be named the same, but they all have
different SIDs, and therefore are quite different.
The ultimate outcome is what you describe below.

Hope that helps.

--
Glenn L
CCNA, MCSE 2000, MCSE 2003 + Security


"J_Schneider" <JSchneider@discussions.microsoft.com> wrote in message
news:F2133056-8758-42A6-BCD4-DDD4BA069546@microsoft.com...
> I've NEVER seen this answered completely and correctly. I hope it can be
> here. It is an important topic for network administrators like myself:
>
> I've recently replaced and NT4 PDC. The trust relationships with the
> workstations were broken and have to be recreated. What is the proper way
to
> do this so that the user's profile and profile_path are retained?
>
> From my experience, if you remove the PC from the domain and then rejoin
it
> the user will have a new locally cached profile_path created called
> username.domain (or username.domain.000 if the username was first using a
> profile_path of username).
>
> I've gotten around this somewhat by resetting security on the user's
> previous profile path and then editing the registry key under
> HKLM/Software/MicroSoft/Windows NT/Current Version/Profile List/[user's
sid].
> But, this doesn't seem correct. Especially since MS Outlook prompts for
the
> user's email account password the next time it is launched.
>
> I've also played with the NETDOM.exe tool from the XP support tools from
one
> workstations, but had not much luck. Should I be using the netdom.exe tool
> from the server (the NT version)? Is this tool still available now that
the
> NT Resource Kit has been discontinued?
>
> Help! This is a very troublesome issue that I cannot seem to find a
> definitive answer to. Thanks a ton to the genius who shed's light on it
for
> me.
>
> Much thanks! -- JS
Anonymous
October 19, 2004 3:21:08 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Netdom.exe or nltest.exe work quite well given the
right syntax and environment. You have to make sure
you are logged into the client with domain admin privileges
or the server itself with the same privileges.

"J_Schneider" <JSchneider@discussions.microsoft.com> wrote in message
news:
> I've NEVER seen this answered completely and correctly. I hope it can
be
> here. It is an important topic for network administrators like myself:
>
> I've recently replaced and NT4 PDC. The trust relationships with the
> workstations were broken and have to be recreated. What is the proper
way to
> do this so that the user's profile and profile_path are retained?
>
> From my experience, if you remove the PC from the domain and then
rejoin it
> the user will have a new locally cached profile_path created called
> username.domain (or username.domain.000 if the username was first
using a
> profile_path of username).
>
> I've gotten around this somewhat by resetting security on the user's
> previous profile path and then editing the registry key under
> HKLM/Software/MicroSoft/Windows NT/Current Version/Profile
List/[user's sid].
> But, this doesn't seem correct. Especially since MS Outlook prompts
for the
> user's email account password the next time it is launched.
>
> I've also played with the NETDOM.exe tool from the XP support tools
from one
> workstations, but had not much luck. Should I be using the netdom.exe
tool
> from the server (the NT version)? Is this tool still available now
that the
> NT Resource Kit has been discontinued?
>
Related resources
Anonymous
October 19, 2004 5:29:02 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

It appears this applies to Server 2000 and later, not NT 4.0. Am I correct in
assuming that? If so, is it possible to still get a version of those tools
for NT4 considering the resource kit is no longer available? Doing this from
each workstation would be pretty difficult in my large deployments...

Thanks,

JS

"Glenn L" wrote:

> You should try the method here.
> http://support.microsoft.com/default.aspx?scid=kb;en-us;216393
>
> This assumes that by replacing your NT4 PDC, what you mean is you promoted
> an existing NT4 BDC to PDC status.
> Trust relationships should not get broken in this scenerio, but it can and
> does happen. Its NT4 ;-)
>
> If all you had was the PDC, and no BDCs, and you replaced the PDC, then the
> above method will not work.
> In this case, you essentailly rebuilt your domain with all new user accounts
> and computer accounts. They all may be named the same, but they all have
> different SIDs, and therefore are quite different.
> The ultimate outcome is what you describe below.
>
> Hope that helps.
>
> --
> Glenn L
> CCNA, MCSE 2000, MCSE 2003 + Security
>
>
> "J_Schneider" <JSchneider@discussions.microsoft.com> wrote in message
> news:F2133056-8758-42A6-BCD4-DDD4BA069546@microsoft.com...
> > I've NEVER seen this answered completely and correctly. I hope it can be
> > here. It is an important topic for network administrators like myself:
> >
> > I've recently replaced and NT4 PDC. The trust relationships with the
> > workstations were broken and have to be recreated. What is the proper way
> to
> > do this so that the user's profile and profile_path are retained?
> >
> > From my experience, if you remove the PC from the domain and then rejoin
> it
> > the user will have a new locally cached profile_path created called
> > username.domain (or username.domain.000 if the username was first using a
> > profile_path of username).
> >
> > I've gotten around this somewhat by resetting security on the user's
> > previous profile path and then editing the registry key under
> > HKLM/Software/MicroSoft/Windows NT/Current Version/Profile List/[user's
> sid].
> > But, this doesn't seem correct. Especially since MS Outlook prompts for
> the
> > user's email account password the next time it is launched.
> >
> > I've also played with the NETDOM.exe tool from the XP support tools from
> one
> > workstations, but had not much luck. Should I be using the netdom.exe tool
> > from the server (the NT version)? Is this tool still available now that
> the
> > NT Resource Kit has been discontinued?
> >
> > Help! This is a very troublesome issue that I cannot seem to find a
> > definitive answer to. Thanks a ton to the genius who shed's light on it
> for
> > me.
> >
> > Much thanks! -- JS
>
>
>
Anonymous
October 19, 2004 5:39:01 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

It appears this applies to Server 2000 and later, not NT 4.0. Am I correct in
assuming that? If so, is it possible to still get a version of those tools
for NT4 considering the resource kit is no longer available? Doing this from
each workstation would be pretty difficult in my large deployments...

Thanks,

JS

"Michael Giorgio - MS MVP" wrote:

> Netdom.exe or nltest.exe work quite well given the
> right syntax and environment. You have to make sure
> you are logged into the client with domain admin privileges
> or the server itself with the same privileges.
>
> "J_Schneider" <JSchneider@discussions.microsoft.com> wrote in message
> news:
> > I've NEVER seen this answered completely and correctly. I hope it can
> be
> > here. It is an important topic for network administrators like myself:
> >
> > I've recently replaced and NT4 PDC. The trust relationships with the
> > workstations were broken and have to be recreated. What is the proper
> way to
> > do this so that the user's profile and profile_path are retained?
> >
> > From my experience, if you remove the PC from the domain and then
> rejoin it
> > the user will have a new locally cached profile_path created called
> > username.domain (or username.domain.000 if the username was first
> using a
> > profile_path of username).
> >
> > I've gotten around this somewhat by resetting security on the user's
> > previous profile path and then editing the registry key under
> > HKLM/Software/MicroSoft/Windows NT/Current Version/Profile
> List/[user's sid].
> > But, this doesn't seem correct. Especially since MS Outlook prompts
> for the
> > user's email account password the next time it is launched.
> >
> > I've also played with the NETDOM.exe tool from the XP support tools
> from one
> > workstations, but had not much luck. Should I be using the netdom.exe
> tool
> > from the server (the NT version)? Is this tool still available now
> that the
> > NT Resource Kit has been discontinued?
> >
>
>
>
!