"KBJones.es" wrote:
|I replaced the missing ntldr file along with netdetect.com as my server
| wouldn't reboot and gave me the missing ntldr message. The server then
| rebooted yet would only allow the local admin profile to logon. The other
| admin profiles are still on the directory with no apparent loss of data
i.e.
| documents and settings, but cannot be accessed. I am unable to reset the
| passwords to other admin profiles from AD as I have tried and still
couldn't
| logon. I believe if I can get this issue resolved the additional MS
Exchange
| server issues will take care of themselves; hopefully.

"Dave Patrick" wrote:

> The details are sketchy at best but the drive may have failed. Download and
> run a diagnostic utility from the drive manufacturer's web site. Check Event
> Viewer for errors and Device Manager for errors and or non-starting devices.
>
>
> --
> Regards,
>
> Dave Patrick ....Please no email replies - reply in newsgroup.
> Microsoft Certified Professional
> Microsoft MVP [Windows]
> http://www.microsoft.com/protect
>
> "KBJones.es" wrote:
> |I replaced the missing ntldr file along with netdetect.com as my server
> | wouldn't reboot and gave me the missing ntldr message. The server then
> | rebooted yet would only allow the local admin profile to logon. The other
> | admin profiles are still on the directory with no apparent loss of data
> i.e.
> | documents and settings, but cannot be accessed. I am unable to reset the
> | passwords to other admin profiles from AD as I have tried and still
> couldn't
> | logon. I believe if I can get this issue resolved the additional MS
> Exchange
> | server issues will take care of themselves; hopefully.
>
>
>

"KBJones" wrote:
| I'll do that and let you know what I find. Thanks for the quick response.

"KBJones.es" wrote:

> I replaced the missing ntldr file along with netdetect.com as my server
> wouldn't reboot and gave me the missing ntldr message. The server then
> rebooted yet would only allow the local admin profile to logon. The other
> admin profiles are still on the directory with no apparent loss of data i.e.
> documents and settings, but cannot be accessed. I am unable to reset the
> passwords to other admin profiles from AD as I have tried and still couldn't
> logon. I believe if I can get this issue resolved the additional MS Exchange
> server issues will take care of themselves; hopefully.

"Nick" wrote:

> I'm not sure I really understand what the whole issue but here's what I got
> from your post - please correct me if I've misunderstood:
>
> - One of your servers wouldn't boot (I think it's your Exchange Server).
> - This server was getting ntldr is missing message
> - You resolved that issue and can now boot to Windows
> - The local admin account can log on but no domain accounts
> - You've reset the passwords to domain admin accounts and still they can't
> log onto this seerver.
> - When you try to log on with a domain account you get the standard
> incorrect password window - you do not get a window that mentions anything
> about a trust relationship.
>
> If all the above are true then first make sure you are booted into regular
> Windows mode and not safe mode.  Also if this machine is a Domain Controller
> make sure you're not in Active Directory Restore mode.
>
> If you've booted in normal mode then my first question is can these domain
> admin accounts log onto your other servers (I'm assuming they can).  If so
> then I think it's a connectivity issue or AD connectivity issue that's
> causing your problem.  By AD connectivity issue I mean maybe you can browse
> the internet but there's something incorrectly configured preventing you from
> contacting a Domain Controller, like using the wrong DNS server.  The reason
> I feel strongly there's an AD connectivity issue is because no domain
> accounts can log on, which provided your not getting a trust error message
> generally means there is a problem communicating with a Domain Controller.
>
> Please verify you can log onto other servers with domain accounts and double
> check the problem server's DNS settings and let me know the results (if you'd
> like more suggestions).  Also why were you rebooting the server, had you
> installed a patch (if so which ones).
>
> Thanks and hope this helps.
>
> Nick Staff
>
>
>
>
> "KBJones.es" wrote:
>
> > I replaced the missing ntldr file along with netdetect.com as my server
> > wouldn't reboot and gave me the missing ntldr message. The server then
> > rebooted yet would only allow the local admin profile to logon. The other
> > admin profiles are still on the directory with no apparent loss of data i.e.
> > documents and settings, but cannot be accessed. I am unable to reset the
> > passwords to other admin profiles from AD as I have tried and still couldn't
> > logon. I believe if I can get this issue resolved the additional MS Exchange
> > server issues will take care of themselves; hopefully.

"KBJones" wrote:

> Nick,
>  You must be psycic; if you decyphered that much detail from that my vague 
> description; let's just say you said better than I did.. The only question
> you really left for me to answer is "Why was I rebooting the server?", my
> answer is "windows updates". I'm not sure which ones at this moment, but I've
> tried to boot to safe mode and restore to last known good config and no luck.
> I'll look hard at the dns and get back to you.
>
> "Nick" wrote:
>
> > I'm not sure I really understand what the whole issue but here's what I got
> > from your post - please correct me if I've misunderstood:
> >
> > - One of your servers wouldn't boot (I think it's your Exchange Server).
> > - This server was getting ntldr is missing message
> > - You resolved that issue and can now boot to Windows
> > - The local admin account can log on but no domain accounts
> > - You've reset the passwords to domain admin accounts and still they can't
> > log onto this seerver.
> > - When you try to log on with a domain account you get the standard
> > incorrect password window - you do not get a window that mentions anything
> > about a trust relationship.
> >
> > If all the above are true then first make sure you are booted into regular
> > Windows mode and not safe mode.  Also if this machine is a Domain Controller
> > make sure you're not in Active Directory Restore mode.
> >
> > If you've booted in normal mode then my first question is can these domain
> > admin accounts log onto your other servers (I'm assuming they can).  If so
> > then I think it's a connectivity issue or AD connectivity issue that's
> > causing your problem.  By AD connectivity issue I mean maybe you can browse
> > the internet but there's something incorrectly configured preventing you from
> > contacting a Domain Controller, like using the wrong DNS server.  The reason
> > I feel strongly there's an AD connectivity issue is because no domain
> > accounts can log on, which provided your not getting a trust error message
> > generally means there is a problem communicating with a Domain Controller.
> >
> > Please verify you can log onto other servers with domain accounts and double
> > check the problem server's DNS settings and let me know the results (if you'd
> > like more suggestions).  Also why were you rebooting the server, had you
> > installed a patch (if so which ones).
> >
> > Thanks and hope this helps.
> >
> > Nick Staff
> >
> >
> >
> >
> > "KBJones.es" wrote:
> >
> > > I replaced the missing ntldr file along with netdetect.com as my server
> > > wouldn't reboot and gave me the missing ntldr message. The server then
> > > rebooted yet would only allow the local admin profile to logon. The other
> > > admin profiles are still on the directory with no apparent loss of data i.e.
> > > documents and settings, but cannot be accessed. I am unable to reset the
> > > passwords to other admin profiles from AD as I have tried and still couldn't
> > > logon. I believe if I can get this issue resolved the additional MS Exchange
> > > server issues will take care of themselves; hopefully.

"Nick" wrote:

> Ahh if only I were psychic KB I'd know the answer to your problem (and I'd be
> able to warn you about your next one too).  Truth of the matter is your post
> must have been pretty informative after all  =).
>
> A couple of things:
>
> Don't bother with last known good anymore since one you log on last known
> good becomes your current state.
>
> There's another person who posted last night saying they lose their internet
> connection after installing SP4 - I don't know if it's the same issue but
> thought it was interesting.
>
> Can you access the internet from your server?  Can you please go to the
> command line and type ipconfig /all and paste the results here (if you don't
> want to paste them for all the world to see could you email them to me at
> nick.st***@comcast.net)?
>
> When/if you do that could you tell me if the DNS servers listed are the ones
> hosting the zones for your AD domain?
>
> Out of curiousity, can you ping your Domain controller by IP?  How about by
> name?
>
> Thanks KB.
>
> Nick
>
> "KBJones" wrote:
>
> > Nick,
> >  You must be psycic; if you decyphered that much detail from that my vague 
> > description; let's just say you said better than I did.. The only question
> > you really left for me to answer is "Why was I rebooting the server?", my
> > answer is "windows updates". I'm not sure which ones at this moment, but I've
> > tried to boot to safe mode and restore to last known good config and no luck.
> > I'll look hard at the dns and get back to you.
> >
> > "Nick" wrote:
> >
> > > I'm not sure I really understand what the whole issue but here's what I got
> > > from your post - please correct me if I've misunderstood:
> > >
> > > - One of your servers wouldn't boot (I think it's your Exchange Server).
> > > - This server was getting ntldr is missing message
> > > - You resolved that issue and can now boot to Windows
> > > - The local admin account can log on but no domain accounts
> > > - You've reset the passwords to domain admin accounts and still they can't
> > > log onto this seerver.
> > > - When you try to log on with a domain account you get the standard
> > > incorrect password window - you do not get a window that mentions anything
> > > about a trust relationship.
> > >
> > > If all the above are true then first make sure you are booted into regular
> > > Windows mode and not safe mode.  Also if this machine is a Domain Controller
> > > make sure you're not in Active Directory Restore mode.
> > >
> > > If you've booted in normal mode then my first question is can these domain
> > > admin accounts log onto your other servers (I'm assuming they can).  If so
> > > then I think it's a connectivity issue or AD connectivity issue that's
> > > causing your problem.  By AD connectivity issue I mean maybe you can browse
> > > the internet but there's something incorrectly configured preventing you from
> > > contacting a Domain Controller, like using the wrong DNS server.  The reason
> > > I feel strongly there's an AD connectivity issue is because no domain
> > > accounts can log on, which provided your not getting a trust error message
> > > generally means there is a problem communicating with a Domain Controller.
> > >
> > > Please verify you can log onto other servers with domain accounts and double
> > > check the problem server's DNS settings and let me know the results (if you'd
> > > like more suggestions).  Also why were you rebooting the server, had you
> > > installed a patch (if so which ones).
> > >
> > > Thanks and hope this helps.
> > >
> > > Nick Staff
> > >
> > >
> > >
> > >
> > > "KBJones.es" wrote:
> > >
> > > > I replaced the missing ntldr file along with netdetect.com as my server
> > > > wouldn't reboot and gave me the missing ntldr message. The server then
> > > > rebooted yet would only allow the local admin profile to logon. The other
> > > > admin profiles are still on the directory with no apparent loss of data i.e.
> > > > documents and settings, but cannot be accessed. I am unable to reset the
> > > > passwords to other admin profiles from AD as I have tried and still couldn't
> > > > logon. I believe if I can get this issue resolved the additional MS Exchange
> > > > server issues will take care of themselves; hopefully.

"KBJones" wrote:

> I get internet anywhere, i.e. all workstations as well as backup server. I
> don't get the internet from machine in question (main svr).
>
> ipconfig /all =
> Windows 2000 IP Configuration
>
>         Host Name . . . . . . . . . . . . : la-hq-s1
>         Primary DNS Suffix  . . . . . . . : LA.loc
>         Node Type . . . . . . . . . . . . : Hybrid
>         IP Routing Enabled. . . . . . . . : Yes
>         WINS Proxy Enabled. . . . . . . . : No
>
> Ethernet adapter Local Area Connection:
>
>         Connection-specific DNS Suffix  . : la.loc
>         Description . . . . . . . . . . . : Intel(R) Advanc
> irtual Adapter
>         Physical Address. . . . . . . . . : 00-B0-D0-D1-EC-
>         DHCP Enabled. . . . . . . . . . . : No
>         IP Address. . . . . . . . . . . . : 199.223.150.38
>         Subnet Mask . . . . . . . . . . . : 255.255.255.0
>         Default Gateway . . . . . . . . . : 199.223.150.2
>         DNS Servers . . . . . . . . . . . : 199.223.150.38
>                                             199.223.150.39
>                                             199.223.150.2
>         Primary WINS Server . . . . . . . : 199.223.150.38
>
> the 38 ip is the main svr and the 39 ip is the backup server. I believe that
> 38 hosts the AD.
> I also successfully pinged the domain controller both by ip and by name.
>
> "Nick" wrote:
>
> > Ahh if only I were psychic KB I'd know the answer to your problem (and I'd be
> > able to warn you about your next one too).  Truth of the matter is your post
> > must have been pretty informative after all  =).
> >
> > A couple of things:
> >
> > Don't bother with last known good anymore since one you log on last known
> > good becomes your current state.
> >
> > There's another person who posted last night saying they lose their internet
> > connection after installing SP4 - I don't know if it's the same issue but
> > thought it was interesting.
> >
> > Can you access the internet from your server?  Can you please go to the
> > command line and type ipconfig /all and paste the results here (if you don't
> > want to paste them for all the world to see could you email them to me at
> > nick.st***@comcast.net)?
> >
> > When/if you do that could you tell me if the DNS servers listed are the ones
> > hosting the zones for your AD domain?
> >
> > Out of curiousity, can you ping your Domain controller by IP?  How about by
> > name?
> >
> > Thanks KB.
> >
> > Nick
> >
> > "KBJones" wrote:
> >
> > > Nick,
> > >  You must be psycic; if you decyphered that much detail from that my vague 
> > > description; let's just say you said better than I did.. The only question
> > > you really left for me to answer is "Why was I rebooting the server?", my
> > > answer is "windows updates". I'm not sure which ones at this moment, but I've
> > > tried to boot to safe mode and restore to last known good config and no luck.
> > > I'll look hard at the dns and get back to you.
> > >
> > > "Nick" wrote:
> > >
> > > > I'm not sure I really understand what the whole issue but here's what I got
> > > > from your post - please correct me if I've misunderstood:
> > > >
> > > > - One of your servers wouldn't boot (I think it's your Exchange Server).
> > > > - This server was getting ntldr is missing message
> > > > - You resolved that issue and can now boot to Windows
> > > > - The local admin account can log on but no domain accounts
> > > > - You've reset the passwords to domain admin accounts and still they can't
> > > > log onto this seerver.
> > > > - When you try to log on with a domain account you get the standard
> > > > incorrect password window - you do not get a window that mentions anything
> > > > about a trust relationship.
> > > >
> > > > If all the above are true then first make sure you are booted into regular
> > > > Windows mode and not safe mode.  Also if this machine is a Domain Controller
> > > > make sure you're not in Active Directory Restore mode.
> > > >
> > > > If you've booted in normal mode then my first question is can these domain
> > > > admin accounts log onto your other servers (I'm assuming they can).  If so
> > > > then I think it's a connectivity issue or AD connectivity issue that's
> > > > causing your problem.  By AD connectivity issue I mean maybe you can browse
> > > > the internet but there's something incorrectly configured preventing you from
> > > > contacting a Domain Controller, like using the wrong DNS server.  The reason
> > > > I feel strongly there's an AD connectivity issue is because no domain
> > > > accounts can log on, which provided your not getting a trust error message
> > > > generally means there is a problem communicating with a Domain Controller.
> > > >
> > > > Please verify you can log onto other servers with domain accounts and double
> > > > check the problem server's DNS settings and let me know the results (if you'd
> > > > like more suggestions).  Also why were you rebooting the server, had you
> > > > installed a patch (if so which ones).
> > > >
> > > > Thanks and hope this helps.
> > > >
> > > > Nick Staff
> > > >
> > > >
> > > >
> > > >
> > > > "KBJones.es" wrote:
> > > >
> > > > > I replaced the missing ntldr file along with netdetect.com as my server
> > > > > wouldn't reboot and gave me the missing ntldr message. The server then
> > > > > rebooted yet would only allow the local admin profile to logon. The other
> > > > > admin profiles are still on the directory with no apparent loss of data i.e.
> > > > > documents and settings, but cannot be accessed. I am unable to reset the
> > > > > passwords to other admin profiles from AD as I have tried and still couldn't
> > > > > logon. I believe if I can get this issue resolved the additional MS Exchange
> > > > > server issues will take care of themselves; hopefully.

"Nick" wrote:

> First thank you for responding so quickly to my questions.
>
> Here's what I don't understand - according to your last post the server
> getting the ntldr error is your Domain controller, but you said in your
> initial post you could only log onto the machine with a local account and not
> a domain account.
>
> The thing is a Domain Controller's local accounts are the domain accounts. 
> There aren't any accounts on  a DC that aren't in the domain.  That said,
> don't worry about that for now.
>
> some questions:
>
> Is your default gateway (199.223.150.2) the same machine as the server
> (199.223.150.38)?
>
> If they are different machines can you ping the gateway? (I don't think you
> can).  If you can't then try re-installing the drivers for your nic and try
> pinging the gateway again (use a different version of the drivers, an older
> one if you have to).
>
> If the gateway is not on the same machine as the server then why is ip
> routing enabled (and what network are you routing to)?
>
> In my opinion there is only one thing you should be working on right now -
> being able to ping any other machine on your network from your server.   By
> other machine I don't just mean different name but literaly a different
> physical computer.  Troubleshoot this as a connectivity problem and don't
> worry about the other issues, they can not be permanently resolved before
> this one.
>
> Nick
>
> - Why is IP Routing enabled on the server (if there's a second NIC card can
> I see the ipconfig output for it)?
> - your gateway at 199.223.150.2 - is it also a DNS server?  If so is it a
> caching only server or does it host zones for your AD as well?
>
>
>
> "KBJones" wrote:
>
> > I get internet anywhere, i.e. all workstations as well as backup server. I
> > don't get the internet from machine in question (main svr).
> >
> > ipconfig /all =
> > Windows 2000 IP Configuration
> >
> >         Host Name . . . . . . . . . . . . : la-hq-s1
> >         Primary DNS Suffix  . . . . . . . : LA.loc
> >         Node Type . . . . . . . . . . . . : Hybrid
> >         IP Routing Enabled. . . . . . . . : Yes
> >         WINS Proxy Enabled. . . . . . . . : No
> >
> > Ethernet adapter Local Area Connection:
> >
> >         Connection-specific DNS Suffix  . : la.loc
> >         Description . . . . . . . . . . . : Intel(R) Advanc
> > irtual Adapter
> >         Physical Address. . . . . . . . . : 00-B0-D0-D1-EC-
> >         DHCP Enabled. . . . . . . . . . . : No
> >         IP Address. . . . . . . . . . . . : 199.223.150.38
> >         Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >         Default Gateway . . . . . . . . . : 199.223.150.2
> >         DNS Servers . . . . . . . . . . . : 199.223.150.38
> >                                             199.223.150.39
> >                                             199.223.150.2
> >         Primary WINS Server . . . . . . . : 199.223.150.38
> >
> > the 38 ip is the main svr and the 39 ip is the backup server. I believe that
> > 38 hosts the AD.
> > I also successfully pinged the domain controller both by ip and by name.
> >
> > "Nick" wrote:
> >
> > > Ahh if only I were psychic KB I'd know the answer to your problem (and I'd be
> > > able to warn you about your next one too).  Truth of the matter is your post
> > > must have been pretty informative after all  =).
> > >
> > > A couple of things:
> > >
> > > Don't bother with last known good anymore since one you log on last known
> > > good becomes your current state.
> > >
> > > There's another person who posted last night saying they lose their internet
> > > connection after installing SP4 - I don't know if it's the same issue but
> > > thought it was interesting.
> > >
> > > Can you access the internet from your server?  Can you please go to the
> > > command line and type ipconfig /all and paste the results here (if you don't
> > > want to paste them for all the world to see could you email them to me at
> > > nick.st***@comcast.net)?
> > >
> > > When/if you do that could you tell me if the DNS servers listed are the ones
> > > hosting the zones for your AD domain?
> > >
> > > Out of curiousity, can you ping your Domain controller by IP?  How about by
> > > name?
> > >
> > > Thanks KB.
> > >
> > > Nick
> > >
> > > "KBJones" wrote:
> > >
> > > > Nick,
> > > >  You must be psycic; if you decyphered that much detail from that my vague 
> > > > description; let's just say you said better than I did.. The only question
> > > > you really left for me to answer is "Why was I rebooting the server?", my
> > > > answer is "windows updates". I'm not sure which ones at this moment, but I've
> > > > tried to boot to safe mode and restore to last known good config and no luck.
> > > > I'll look hard at the dns and get back to you.
> > > >
> > > > "Nick" wrote:
> > > >
> > > > > I'm not sure I really understand what the whole issue but here's what I got
> > > > > from your post - please correct me if I've misunderstood:
> > > > >
> > > > > - One of your servers wouldn't boot (I think it's your Exchange Server).
> > > > > - This server was getting ntldr is missing message
> > > > > - You resolved that issue and can now boot to Windows
> > > > > - The local admin account can log on but no domain accounts
> > > > > - You've reset the passwords to domain admin accounts and still they can't
> > > > > log onto this seerver.
> > > > > - When you try to log on with a domain account you get the standard
> > > > > incorrect password window - you do not get a window that mentions anything
> > > > > about a trust relationship.
> > > > >
> > > > > If all the above are true then first make sure you are booted into regular
> > > > > Windows mode and not safe mode.  Also if this machine is a Domain Controller
> > > > > make sure you're not in Active Directory Restore mode.
> > > > >
> > > > > If you've booted in normal mode then my first question is can these domain
> > > > > admin accounts log onto your other servers (I'm assuming they can).  If so
> > > > > then I think it's a connectivity issue or AD connectivity issue that's
> > > > > causing your problem.  By AD connectivity issue I mean maybe you can browse
> > > > > the internet but there's something incorrectly configured preventing you from
> > > > > contacting a Domain Controller, like using the wrong DNS server.  The reason
> > > > > I feel strongly there's an AD connectivity issue is because no domain
> > > > > accounts can log on, which provided your not getting a trust error message
> > > > > generally means there is a problem communicating with a Domain Controller.
> > > > >
> > > > > Please verify you can log onto other servers with domain accounts and double
> > > > > check the problem server's DNS settings and let me know the results (if you'd
> > > > > like more suggestions).  Also why were you rebooting the server, had you
> > > > > installed a patch (if so which ones).
> > > > >
> > > > > Thanks and hope this helps.
> > > > >
> > > > > Nick Staff
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > "KBJones.es" wrote:
> > > > >
> > > > > > I replaced the missing ntldr file along with netdetect.com as my server
> > > > > > wouldn't reboot and gave me the missing ntldr message. The server then
> > > > > > rebooted yet would only allow the local admin profile to logon. The other
> > > > > > admin profiles are still on the directory with no apparent loss of data i.e.
> > > > > > documents and settings, but cannot be accessed. I am unable to reset the
> > > > > > passwords to other admin profiles from AD as I have tried and still couldn't
> > > > > > logon. I believe if I can get this issue resolved the additional MS Exchange
> > > > > > server issues will take care of themselves; hopefully.

"KBJones" wrote:

> No the default gateway isn't the same machine as the server. I can ping the
> gateway. Ip routing is enabled because workstations all have static IPs? I am
> routing the national headquarter's network. We are but a tree in a forest.
> 199.223.150.2 is not a dns rather a firewall/router.
>
> Nick,
>  The issue is resolved. There was a dns issue, a typo in a dns suffix but
> that was after the fact. What ended up working for me is svr2 was made the
> DC,
> then swithced the DC back to svr1, rebooted and it's like it never happened.
>
> I can't explain what happened when i rebooted the server, why I got the
> missing ntldr message, or that it didn't come back up as the DC when I
> brought it back up. Oh well. Maybe you have some ideas; and there wasn't a
> floppy disk in the floppy drive when I rebooted or anything like that;
> thankfully.
>
> I do believe I was in good hands here and was going in the right direction
> the whole way. I have to admit that I was more than just a little relieved
> after I read your initial reply, all your questions were right on the money.
>
> If you have anything to add; I'll checkback a few times. Thanks Nick.
>
> "Nick" wrote:
>
> > First thank you for responding so quickly to my questions.
> >
> > Here's what I don't understand - according to your last post the server
> > getting the ntldr error is your Domain controller, but you said in your
> > initial post you could only log onto the machine with a local account and not
> > a domain account.
> >
> > The thing is a Domain Controller's local accounts are the domain accounts. 
> > There aren't any accounts on  a DC that aren't in the domain.  That said,
> > don't worry about that for now.
> >
> > some questions:
> >
> > Is your default gateway (199.223.150.2) the same machine as the server
> > (199.223.150.38)?
> >
> > If they are different machines can you ping the gateway? (I don't think you
> > can).  If you can't then try re-installing the drivers for your nic and try
> > pinging the gateway again (use a different version of the drivers, an older
> > one if you have to).
> >
> > If the gateway is not on the same machine as the server then why is ip
> > routing enabled (and what network are you routing to)?
> >
> > In my opinion there is only one thing you should be working on right now -
> > being able to ping any other machine on your network from your server.   By
> > other machine I don't just mean different name but literaly a different
> > physical computer.  Troubleshoot this as a connectivity problem and don't
> > worry about the other issues, they can not be permanently resolved before
> > this one.
> >
> > Nick
> >
> > - Why is IP Routing enabled on the server (if there's a second NIC card can
> > I see the ipconfig output for it)?
> > - your gateway at 199.223.150.2 - is it also a DNS server?  If so is it a
> > caching only server or does it host zones for your AD as well?
> >
> >
> >
> > "KBJones" wrote:
> >
> > > I get internet anywhere, i.e. all workstations as well as backup server. I
> > > don't get the internet from machine in question (main svr).
> > >
> > > ipconfig /all =
> > > Windows 2000 IP Configuration
> > >
> > >         Host Name . . . . . . . . . . . . : la-hq-s1
> > >         Primary DNS Suffix  . . . . . . . : LA.loc
> > >         Node Type . . . . . . . . . . . . : Hybrid
> > >         IP Routing Enabled. . . . . . . . : Yes
> > >         WINS Proxy Enabled. . . . . . . . : No
> > >
> > > Ethernet adapter Local Area Connection:
> > >
> > >         Connection-specific DNS Suffix  . : la.loc
> > >         Description . . . . . . . . . . . : Intel(R) Advanc
> > > irtual Adapter
> > >         Physical Address. . . . . . . . . : 00-B0-D0-D1-EC-
> > >         DHCP Enabled. . . . . . . . . . . : No
> > >         IP Address. . . . . . . . . . . . : 199.223.150.38
> > >         Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > >         Default Gateway . . . . . . . . . : 199.223.150.2
> > >         DNS Servers . . . . . . . . . . . : 199.223.150.38
> > >                                             199.223.150.39
> > >                                             199.223.150.2
> > >         Primary WINS Server . . . . . . . : 199.223.150.38
> > >
> > > the 38 ip is the main svr and the 39 ip is the backup server. I believe that
> > > 38 hosts the AD.
> > > I also successfully pinged the domain controller both by ip and by name.
> > >
> > > "Nick" wrote:
> > >
> > > > Ahh if only I were psychic KB I'd know the answer to your problem (and I'd be
> > > > able to warn you about your next one too).  Truth of the matter is your post
> > > > must have been pretty informative after all  =).
> > > >
> > > > A couple of things:
> > > >
> > > > Don't bother with last known good anymore since one you log on last known
> > > > good becomes your current state.
> > > >
> > > > There's another person who posted last night saying they lose their internet
> > > > connection after installing SP4 - I don't know if it's the same issue but
> > > > thought it was interesting.
> > > >
> > > > Can you access the internet from your server?  Can you please go to the
> > > > command line and type ipconfig /all and paste the results here (if you don't
> > > > want to paste them for all the world to see could you email them to me at
> > > > nick.st***@comcast.net)?
> > > >
> > > > When/if you do that could you tell me if the DNS servers listed are the ones
> > > > hosting the zones for your AD domain?
> > > >
> > > > Out of curiousity, can you ping your Domain controller by IP?  How about by
> > > > name?
> > > >
> > > > Thanks KB.
> > > >
> > > > Nick
> > > >
> > > > "KBJones" wrote:
> > > >
> > > > > Nick,
> > > > >  You must be psycic; if you decyphered that much detail from that my vague 
> > > > > description; let's just say you said better than I did.. The only question
> > > > > you really left for me to answer is "Why was I rebooting the server?", my
> > > > > answer is "windows updates". I'm not sure which ones at this moment, but I've
> > > > > tried to boot to safe mode and restore to last known good config and no luck.
> > > > > I'll look hard at the dns and get back to you.
> > > > >
> > > > > "Nick" wrote:
> > > > >
> > > > > > I'm not sure I really understand what the whole issue but here's what I got
> > > > > > from your post - please correct me if I've misunderstood:
> > > > > >
> > > > > > - One of your servers wouldn't boot (I think it's your Exchange Server).
> > > > > > - This server was getting ntldr is missing message
> > > > > > - You resolved that issue and can now boot to Windows
> > > > > > - The local admin account can log on but no domain accounts
> > > > > > - You've reset the passwords to domain admin accounts and still they can't
> > > > > > log onto this seerver.
> > > > > > - When you try to log on with a domain account you get the standard
> > > > > > incorrect password window - you do not get a window that mentions anything
> > > > > > about a trust relationship.
> > > > > >
> > > > > > If all the above are true then first make sure you are booted into regular
> > > > > > Windows mode and not safe mode.  Also if this machine is a Domain Controller
> > > > > > make sure you're not in Active Directory Restore mode.
> > > > > >
> > > > > > If you've booted in normal mode then my first question is can these domain
> > > > > > admin accounts log onto your other servers (I'm assuming they can).  If so
> > > > > > then I think it's a connectivity issue or AD connectivity issue that's
> > > > > > causing your problem.  By AD connectivity issue I mean maybe you can browse
> > > > > > the internet but there's something incorrectly configured preventing you from
> > > > > > contacting a Domain Controller, like using the wrong DNS server.  The reason
> > > > > > I feel strongly there's an AD connectivity issue is because no domain
> > > > > > accounts can log on, which provided your not getting a trust error message
> > > > > > generally means there is a problem communicating with a Domain Controller.
> > > > > >
> > > > > > Please verify you can log onto other servers with domain accounts and double
> > > > > > check the problem server's DNS settings and let me know the results (if you'd
> > > > > > like more suggestions).  Also why were you rebooting the server, had you
> > > > > > installed a patch (if so which ones).
> > > > > >
> > > > > > Thanks and hope this helps.
> > > > > >
> > > > > > Nick Staff
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > "KBJones.es" wrote:
> > > > > >
> > > > > > > I replaced the missing ntldr file along with netdetect.com as my server
> > > > > > > wouldn't reboot and gave me the missing ntldr message. The server then
> > > > > > > rebooted yet would only allow the local admin profile to logon. The other
> > > > > > > admin profiles are still on the directory with no apparent loss of data i.e.
> > > > > > > documents and settings, but cannot be accessed. I am unable to reset the
> > > > > > > passwords to other admin profiles from AD as I have tried and still couldn't
> > > > > > > logon. I believe if I can get this issue resolved the additional MS Exchange
> > > > > > > server issues will take care of themselves; hopefully.