General discussion


Problems with new user on W2K3 domain

By Sharad Sreedharan ·

I'm experiencing a strange problem with one of my PC with Windows 98 SE, the existing user had left the company and I'd to allocate it to a new user, for which I created the new username and related settings on my Windows 2003 domain.

When I try to logon the following 'Microsoft Networking' message window keeps popping up and displays the message 'Username cannot be found'

But, when I try to logon using the previous user's logon credentials, everything works fine and so for the administrator and other usernames.

Also, I'm able to logon using this new username from a Windows XP Pro machine without any problems.

I suspect some authentication related issue. Does anyone know why and any solution to this problem?

Much appreciate your help.

Regards, Sharad Sreedharan

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by Skidoggeruk In reply to Problems with new user on ...

Found this on Microsoft, sounds kinda dire. Good Luck

Microsoft Knowledge Base Article - 267877

When "down-level" clients (Microsoft Windows 95 or Windows 98 clients) log on to the domain, they may receive the following error message:

The username cannot be found.

If the user tries several times, the user may eventually log on correctly.

When Windows 95 or Windows 98 clients receive this error message, the clients may be becoming authenticated by an unauthorized ("rogue") domain or domain controller (DC) with the same NetBIOS domain name as the normal Microsoft Windows 2000 domain, but the domain Security Identification Number (SID) is different.
There may be an unauthorized domain or domain controller on the network with the same NetBIOS name as your domain, but with a different SID.

Or, there may be a previously given domain controller with the correct SID, but with no valid computer account in the domain. Therefore, the rogue DC is not generating errors on the valid DC's and not synchronizing with the primary domain controller (PDC), but is still trying to authenticate users.

This domain controller responds to client logon requests and has registered with Windows Internet Name Service (WINS), and clients are getting its address when requesting 1C information from WINS.

Collapse -

by Skidoggeruk In reply to

Here's the rest ....

To resolve this behavior, follow these steps:

Choose one of the clients that is receiving the error message. On this client, implement the following instructions contained in the following article:

For additional information about displaying domain logon confirmation in Windows, click the article number below to view the article in the Microsoft Knowledge Base:
150898 How to Display Domain Logon Confirmation in Windows

This article can help you to determine which domain controllers are validating users correctly.
Check all WINS servers for the 1C entry. Obtain the list of domain controllers and check to see if all the entries in WINS are valid.
If this still does not locate the rogue domain controller, you must obtain a network trace of the client logging in and obtaining the error message.
Once you discover the domain controller that is validating the clients, check the role of the computer by typing the following at a command line:

net accounts

Disconnect the computer from the network and see whether you continue to have client logons. If the clients stop obtaining the error messages while the computer is offline you found the computer.
More than likely the unauthorized computer is a Windows NT 3.51 or 4.0 domain controller. The only way to remove it is to reinstall the server. Take the necessary precautions to save data, shares, and files. If the computer is a Microsoft Windows 2000 domain controller, you can Domain Controller Promotion (DCPROMO) it down and DCPROMO it back up to join the correct domain.

Collapse -

by Sharad Sreedharan In reply to

Thanks for the answer and comments.

I've confirmed that there are no rogue domain or domain controllers on my network, I did follow the KB article 150898 to display the domain logon confirmation, it's being authenticated by the correct DC itself.

My problem is only with not being able to logon to the domain with the new username I've created in W2K3 domain, I'm able to logon to the domain from this PC using previously created usernames which were migrated from NT4 domain.

I'm not sure where the mystery lies!!

Hope somebody can help.

Thanks, Sharad

Collapse -

by BFilmFan In reply to Problems with new user on ...

Take a look at the WINS database and verify that there are no rogue NT 4.0 domain controllers. If you can still log in with old NT 4 accounts, there has to be a NT 4 primary or backup domain controller somewhere in operation.

Related Discussions

Related Forums