In a single domain NT network I have a problem on a BDC which even Microsoft can't seem to sort out. On the lan where the BDC exists a user has attempted to log into a Windows 2000 Pro workstation using the NT administrator account, after several unsuccessfull attempts the account was locked. When i login to BDC as the administrator i cannot sysc with the PDC "access denied" and i when i open user manager i can see all the user accounts in the list but cannot open or edit "access denied" again.When i login into the BDC using another account with administrator rights i can sync and view / edit users. But his administrator cannot access the areas that i need, it seems permanently lock even though i've unlocked and re-synced with the PDC. Any ideas??
This conversation is currently closed to new comments.
Log on locally to the PDC as Administrator (or equivalent). Start User Manager for Domains, navigate to the locked user account and unlock it. Force a replication between the PDC and BDC. Try to log back into the BDC. If that doesn't work, you could also try creating a new administrator account from the PDC, replicate, log in to the BDC with the new account, and unlock the locked account. If you still cannot unlock the locked account or log in to the BDC, you will need to backup the server, and rebuild it.
This is the very reason why there should be at least one "backup" user account that has "God" administrator permissions on any network.
Do You have an Emergency Repair Disk, then you could try running the install cd and go to the repair option. This should allow you to repair the relevent files for administrator account. If you don't have a ERD then you can still do the repair butyou may have to reinstall some of your software.
If you have a user account with admin rights to the local machine (the BDC) log in and reset the locked out account. Create or promote a user account as a domain admin and unlock the account.
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Administrator account locked