Windows Server 2016 password is not accepted by some domain PCs

Anonymous
2024-01-06T05:08:24+00:00

Although the domain computers are still reachable and able to ping, they are not able to enforce the sync group policy, which is displaying an error. I need to provide admin credentials in order to do any task that requires administrative privileges; however, the computer is not accepting my password. Unexpectedly, I discovered that the computer recognized an outdated server administrator password, but no luck with others. Could someone kindly explain what went wrong and provide a solution? Is there a way for me to reconnect the machine to the domain?

#windowserver2016 #activedirectory #server #domain


Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.


3 answers

  1. Anonymous
    2024-01-08T02:58:26+00:00

    Hello SHIVA4,

    Thank you for posting in Microsoft Community forum.

    How many DCs are there in the domain? If there is more than one domain controller, please check the AD replication between all DCs. You can run the commands below on the PDC to check the AD replication status.

    repadmin /showrepl >C:\rep1.txt

    repadmin /replsum >C:\rep2.txt

    repadmin /showrepl * /csv >c:\repsum.csv

    And check if every DC is working fine by running the command below on every DC.

    Dcdiag /v >C:\%computername%_diag.txt

    Is there a way for me to reconnect the machine to the domain?
    You can try to remove the PC from the domain and rejoin it to the domain, and then check if it helps.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,
    Daisy Zhou

  2. Anonymous
    2024-01-08T04:42:56+00:00

    There is only one DC, and running the script gave the result below:

        Doing initial required tests

        Testing server: Default-First-Site-Name\SRV2016
           Starting test: Connectivity
              * Active Directory LDAP Services Check
              The host
              could not be resolved to an IP address. Check the DNS server, DHCP,
              server name, etc.
              Got error while checking LDAP and RPC connectivity. Please check your
              firewall settings.
              ......................... SRV2016 failed test Connectivity

    The problem is that those machines are already in the domain, but the client PC is refusing to take my admin password, which I need to remove them from the domain and re-join it.

  3. Anonymous
    2024-01-08T06:56:36+00:00

    Hello SHIVA4,

    Thank you for your reply.

    Did the problem occur suddenly? If so, had you made any changes before the problem occurred?

    *The host could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc.*

    A: Please check if the DC has a static IP address.

    *Got error while checking LDAP and RPC connectivity. Please check your firewall settings. ......................... SRV2016 failed test Connectivity*

    A: Please check the ports below related to LDAP.

    [Image]

    And the ports below related to RPC.

    [Image]

    And the new default start port of RPC is 49152, and the new default end port is 65535. Therefore, you must increase the remote procedure call (RPC) port range in your firewalls.

    Active Directory and Active Directory Domain Services Port Requirements | Microsoft Learn

    Best Regards,
    Daisy Zhou
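
An added example (not part of the original thread, and not Microsoft's code): a read-only PowerShell script for an affected domain member that checks what the answers above point at, namely DNS resolution of the DC, reachability of the well-known AD TCP ports, and the machine's secure channel. `corp.example` and `SRV2016.corp.example` are placeholder names, and the port list is an assumption based on the standard Active Directory port requirements.

```powershell
# Added example: read-only checks, run from an elevated prompt on an affected client.
# $Domain and $Dc are placeholders (assumptions); replace them with your own values.
param(
    [string]$Domain = 'corp.example',           # placeholder AD DNS domain name
    [string]$Dc     = 'SRV2016.corp.example'    # placeholder DC FQDN
)

$results = [System.Collections.Generic.List[object]]::new()
function Add-Result($Check, $Ok, $Detail) {
    $results.Add([pscustomobject]@{ Check = $Check; Ok = $Ok; Detail = $Detail })
}

# 1. DNS: the DC locator SRV record and the DC's own A record must both resolve.
#    The dcdiag "host could not be resolved" failure is a DNS lookup problem.
foreach ($q in @(@{ Name = "_ldap._tcp.dc._msdcs.$Domain"; Type = 'SRV' },
                 @{ Name = $Dc; Type = 'A' })) {
    try {
        $r = Resolve-DnsName -Name $q.Name -Type $q.Type -ErrorAction Stop
        $found = (@($r.NameTarget) + @($r.IPAddress) | Where-Object { $_ }) -join ', '
        Add-Result "DNS $($q.Type) $($q.Name)" $true $found
    } catch {
        Add-Result "DNS $($q.Type) $($q.Name)" $false $_.Exception.Message
    }
}

# 2. TCP reachability of well-known AD ports on the DC. The RPC dynamic range
#    49152-65535 must also be allowed by firewalls; it is not probed here.
$ports = @{ 53 = 'DNS, if the DC is the DNS server'; 88 = 'Kerberos'
            135 = 'RPC endpoint mapper'; 389 = 'LDAP'; 445 = 'SMB' }
foreach ($p in $ports.GetEnumerator() | Sort-Object Key) {
    $t = Test-NetConnection -ComputerName $Dc -Port $p.Key -WarningAction SilentlyContinue
    Add-Result "TCP $($p.Key) ($($p.Value))" $t.TcpTestSucceeded "remote address: $($t.RemoteAddress)"
}

# 3. Secure channel between this computer and the domain. A member that cannot
#    reach a DC validates logons against cached credentials, which is one way
#    an outdated password can still be accepted.
try {
    $sc = Test-ComputerSecureChannel -ErrorAction Stop
    Add-Result 'Secure channel to domain' $sc 'Test-ComputerSecureChannel'
} catch {
    Add-Result 'Secure channel to domain' $false $_.Exception.Message
}

$results | Format-Table -AutoSize -Wrap
```

If the DNS rows fail, fix name resolution first (the client's DNS server setting should point at the DC or another DNS server hosting the AD zone), because the port and secure-channel checks depend on it.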
