Context:
- Windows server 2003 x64:
- On a VMWare ESX 3
- member of a domain
- has as primary DNS server the PDC, can see it (ping et al)
- can access a shared folder (even to a shared folder on the PDC) using credentials from the domain when logged on as a local admin
Problem:
- logging on the machine with the same domain credentials gets me an invalid user/password error.
I'm at a loss about where to start debugging this.
Any clues?
UPDATE:
I checked to PDC logs and I get
The session setup from computer 'VM'
failed because the security database
does not contain a trust account 'VM$'
referenced by the specified computer.USER ACTION If this is the first
occurrence of this event for the
specified computer and account, this
may be a transient issue that doesn't
require any action at this time.
Otherwise, the following steps may be
taken to resolve this problem:If 'VM$' is a legitimate machine
account for the computer 'VM', then
'VM' should be rejoined to the domain.If 'VM$' is a legitimate interdomain
trust account, then the trust should
be recreated.
So the actions to take now are clear. What's not clear to me is the cause for that and
how to prevent further occurrences of it.
UPDATE 2: Yes, it is a clone, but I already had proceeded to part from and rejoin the domain.
Best Answer
If it's a clone as you say then you really need to run sysprep on it, just unjoining and rejoing the domain isn't enough to fix the SID issue AFAIK.
There are VMware docs that explain where to put the sysprep binaries on the VC server so that when you clone a VM that the cloning process can automatically run a sysprep on the new VM for you. Unfortunately the docs could be better at explaining exactly what to do, this link explains somewhat better.