Author Topic: solved: domain account userid missing?  (Read 1077 times)

nubro01

  • Zen Apprentice
  • *
  • Posts: 40
  • Karma: +0/-0
  • Started with mainframe back in the 70th's
    • View Profile
solved: domain account userid missing?
« on: March 02, 2014, 01:38:26 pm »
Hi, I have an Asus P6TWS with 24 gig of memory, 2xsas 147 GIG RAID1 and 6 x 1TB Sata RAID5, running Server 2008 R2 with Hyper-v.
After using it for 4 years it's time to replaced it, also because it is using 200 watt 24x7.
I now have a Zotac ID42 which only uses 38 watt, including a WD 3TB USB3 disk.
I worked for 21 years for ca.com, so my userid naming is still from that time.
Naming convention was/is first three characters from lastname, 2 characters from first name and a two position sequence number. So my userid is nubro01.
I started with Installing Zentyal 3.3 and used of course nubro01 as system account for the first install.
After I successfully joined my PDC with Zentyal 3.3, I noticed that all my users where present, except nubro01!
Ok, a reinstall and I used nubro00 as system account, that made no difference, still nubro01 was not  replicated.
Then I made the beginners mistake to create nubro01 on the zentyal 3.3 server, resulting in a new nubro01 being created within the whole domain and with a NEW SID, of course!!!
Before I found that out, all my userprofiles where recreated with the new SID on all machines that I logged in to.
Restoring the virtual disk of my PDC and removing all windows registery profile referenes for the new SID, seemed to be the only solution that worked to repair everything to the starting position.
 
I now tried Zentyal 3.4 feb25 build and I am still stuck with the same problem.
Any account that I create on my pdc is replicated to my zentyal bdc, any change to any userid is replicated, except that  nubro01 account, it will not replicate, despited the fact that I changed/removed it from all OU's that might conflict. nubro01 is exactly the same, member wise, as for instance bakce01, which is replicated and also a member of domain admin and users.

I hope this sound familiar to someone and that you can give me a hint on resolving this, with the correct shell commands to investigate and resolv and so that I keep my original SID and without a reinstall. ;-)

Regards

Ron
 
« Last Edit: March 03, 2014, 04:43:22 pm by nubro01 »

nubro01

  • Zen Apprentice
  • *
  • Posts: 40
  • Karma: +0/-0
  • Started with mainframe back in the 70th's
    • View Profile
Re: domain account userid missing?
« Reply #1 on: March 03, 2014, 04:42:54 pm »
I compared the properties of both users and found that nubro01 had a delegation tab within his aduc properties. Next I checked for both users the attribute editor tab and cleared for nubro01 the extentionName and removed all entries within servicePrincipalName (a lot of entries), next I applied the changes and went over to my zentyal users and computers and ........ YES, nubro01 was replicated.
Since nubro01 was the main account for anything I did on this domain for the last couple of years, it must have been added to some stuff that the ZENTYAL replication did not like.
I just wonder where the ..... could I have found this error, in which log should I have found something, that would point me in the right direction? My geuss is, the entries within servicePrincipalName caused the problem, since most entries in there pointed to machines already gone for years.

SOLVED
« Last Edit: March 03, 2014, 04:47:17 pm by nubro01 »