Could not log into the Domain (AD) after restore XP Prof.

Discussion in 'Acronis True Image Product Line' started by mikle_01, Jul 26, 2005.

Thread Status:
Not open for further replies.
  1. mikle_01

    mikle_01 Registered Member

    Joined:
    Jul 25, 2005
    Posts:
    4
    I have the problem with TI 8.0 (8.0.826) enterprise on Windows XP Prof. clients in Windows 2000 Active Directory Enviremont!!!

    I make an image of XP Prof. computer with an computer account in the AD and restore it after an arbitrarily, random time (but at least a few weeks) and i could not log into the domain with error:"user is unknown for the domain".

    (notice: nothing changed; computers are in the same OU of the AD)

    Perhaps it is a Microsoft-Problem of LDAP / Kerberos!? It can't be a problem of the SID?! The SID never changed!!
     
  2. Acronis Support

    Acronis Support Acronis Support Staff

    Joined:
    Apr 28, 2004
    Posts:
    25,885
    Hello mikle_01,

    Thank you for choosing Acronis Remote Server Backup Software.

    Please try the following workaround:
    - Set the computer as a member of workgroup (not a domain);
    - After that reboot the computer and then set it as a member of domain once again.

    Thank you.
    --
    Ilya Toytman
     
  3. mikle_01

    mikle_01 Registered Member

    Joined:
    Jul 25, 2005
    Posts:
    4
    Thank's for your reply, but that's no satisfactorily solution.... Why it's not possible to restore in Image taken in Domain / AD-Infrastructure!? o_O

    (But honestly :oops: I've to say, with other products like Ghost or Drive Image I' ve still the same Problem.....)

    Michael
     
  4. Acronis Support

    Acronis Support Acronis Support Staff

    Joined:
    Apr 28, 2004
    Posts:
    25,885
    Hello Michael,

    This problem seems to be connected with Windows itself and the certificates that may become renewed on the domain controller but are not renewed in the image.

    Thank you.
    --
    Ilya Toytman
     
  5. TonioRoffo

    TonioRoffo Registered Member

    Joined:
    Apr 23, 2005
    Posts:
    237
    This is easy:

    Your computer account password went of out sync: at regular intervals, computer will send DC's new "passwords" that are linked to the computer account in the domain.

    When you restore a PC, this password could change to an old password, and get out of sync with the password on the DC. The DC doesn't accept your PC as being in the domain and refuses any user logons from it.

    This process happens "behind the scenes"

    With group policy you can force computer accounts never to change passwords after initial domain joining - your problems will be over.

    Please do note that the computer, not the domain, is initiating password changes - so you'll need to do the group policy thing, and after it's forced on the network (gpupdate /force and reboot of the PC) make fresh image backups - these will be able to restore at any given time.
     
Thread Status:
Not open for further replies.