Microsoft KB Archive/257986

= Logon May Not Succeed After Rejoining a Windows 2000 Domain Using Netdom and an Explicit Organizational Unit =

Article ID: 257986

Article Last Modified on 2/21/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q257986



SYMPTOMS
You may not be able to log on to a Windows 2000-based domain after you join the domain by using the Netdom tool from the Microsoft Windows 2000 Resource Kit and specifying an explicit organizational unit, remove yourself from the domain, and then join the domain again by specifying the same organizational unit.



CAUSE
This problem occurs because the new machine account password that is generated the second time you join the domain is not set on the domain controller. You cannot log on because the machine account password from the initial join is still stored on the domain controller and does not match the password from the second join. Therefore, the workstation cannot set up a secure channel for authentication.



RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

This problem was first corrected in Windows 2000 Service Pack 1.

Keywords: kbbug kbfix kbwin2000sp1fix kbhotfixserver kbqfe KB257986

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.