I am the new network administrator/computer teacher at a small private school. The network consists of 3 NT servers. and approximately 50 Win 98 clients. Up til yesterday, things were going reasonably well, although the network structure is very much spaghetti-like (some users on one server, some on another, files everywhere).

Yesterday, however... kaboom. A user came in to tell me that she no longer had an account. Neither did I, although I was still logged in from earlier in the day. All users that I added are gone, as well as apparently random users from the past. Attempting to recreate the lost users and give them access to their folders resulted in the system apparently (yes, I know it can't, but this is what SEEMED to happen) re-assigning the new users to some of the old system ids - I picked Grade5, for example, and got GHOST instead.

Upon further investigation, two of the three servers respond, when 'net accounts' is entered, by stating that they are the primary. The third no longer permits me to log in, saying that it has lost its domain connection to the server. To WHICH server is my question.

I am completely over my head. I have a very strong Win98 background, but have never had to administer an NT network, especially not one that appears to have been put together by some of our less bright students. Last year's computer teacher was fired, so I won't get much out of her, and the guy who set up the network is long gone and won't return calls (gee, I wonder why??)

So, I desperately need:

- an idea, if possible, of what went wrong in the first place
- suggestions on how to repair it (I am considering demoting the one that I have been told SHOULD be the BDC, but I'm scared of the repercussions)

Naturally, tomorrow is the due date for the first set of report cards, so teachers are collectively having a bird. I have spent the morning trying to figure out why the third server won't let me in (it DID yesterday), and am no further ahead on any part of this process.

Thank you very much in advance,
Heather (hwardell@somersetacademy.ca)

cleanups are always a pain but good opportunity to do long range planning.

What you describe means to me that you do not have any Pdc/bdc's but member servers.
[some users on one server, some on another...]

If a domain setup you would have the same accounts on all servers. In a domain you don't logon to a server but a domain. You do not need to promote a bdc to pdc to have authenication work. All bdcs and pdcs participate in authenication. So this is a workgroup setup with member servers by the sound of it.

For right now my advice would be to concentrate on restoring the server. I would not make any major changes until I learned where everything is and how it is all being used.

A domain model, in the end, is the best for security and control in a student environment.

So to recover the server we need to know what is wrong and what tools we have available.

Any recent ERD's for this server? Backups? Is it just the user accounts that seem to be a problem? Any antivirus software installed? Anyone know what service pack this server is on? Have service pack 6a available? You can logon to the other servers as administrator but not on the 3rd server? You have rebooted the 3rd server? Can anyone logon locally to the 3rd server now? If you disconnect the network patch cord, reboot, and try to logon locally, can you?

Thank you so much for your reply. I must admit to still being confused about whether I have PDCs or not - if they THINK they're both primary, is it possible that really neither of them is?

You asked:
--
Any recent ERD's for this server? Backups? Is it just the user accounts that seem to be a problem? Any antivirus software installed? Anyone know what service pack this server is on? Have service pack 6a available? You can logon to the other servers as administrator but not on the 3rd server? You have rebooted the 3rd server? Can anyone logon locally to the 3rd server now? If you disconnect the network patch cord, reboot, and try to logon locally, can you?
--

Regrettably, the past admins didn't do any backups that I can find. Ditto ERDs. It does basically seem to be the user accounts - I have, for example, an office user who can reach all of her files, and one who cannot, even though the files are in the same place on the network. (Both WERE able to access their files yesterday.)

No antivirus software installed right now. We have McAfee - should I go ahead and put it on there, or is adding another thing now a bad plan?

I have a file called sp6i386.exe, which I'm guessing is an NT service pack, but maybe not 6a? How would I tell?

I had rebooted the 3rd server repeatedly with no effect, but AM able to log on locally with the network cable out. The third machine is actually Win2000, for no apparent reason.

We are NOT a large operation - 180 users max, but only about 40 IDs max, as I want to have each class use a group login to avoid password forgetting (e.g., the grade 3 students all use grade3 as their log in). I have no idea why we have 3 servers. I've been told that the intent was to have the teachers on one and the students on another - I think this isn't necessary (and it's not happening now anyhow - stuff is everywhere). I'd be happy getting one server up and running with all user ids and files on it. I DO apparently have the option to shut the lab down for a week and redo the servers (at least, last year's teacher did - she refused) - should I be considering this?

Thanks,
Heather

Sorry, forgot to mention something... we DO in fact log in to a domain, as I understand it. Our servers are named DINGO, DINGO2, and DINGO3 (this being the Win2000 one), but the log in is to the SOMERSET domain.

The user lists in User Mgr on DINGO and DINGO2 are identical except that DINGO has one user that DINGO2 does not. Where each individual user's files are stored, however, seems to be basically random, some on DINGO and some on DINGO2.

Sounds like you have a lot of work ahead of you.

If two servers are installed as PDC's into the same domain name there would be a problem with authenicatiion from the client. Browsing would function erraticly.

So I am still trying to get a clear picture of what you have. Two NT servers and one W2K server?

What are the servers names? If you go into network properties on each are they a member of a domain or a workgroup?

If you go into server manager on each NT server and see what that server is listed as? Both primary or is one backup?

Service pack file looks correct by name. I have 34,889kb and a date of 11/23/99 on mine.

I would not install any software until we have resolution to the present problem with the NT server.

The questions we have are as follows;

Are the NT servers in a domain and are they pdc and bdc or two pdcs?

Why was the W2K server brought up? Did they upgrade this server from NT server? Was Active Directory engaged [did they run dcpromo]? Or was this 2000 box added to the network?

It is ALOT of work to redo servers and preserve data and access. I would work on reorganization before redoing the servers.

When you say, "an office user who can reach all of her files, and one who cannot, even though the files are in the same place on the network.", do you mean the SAME sharename is used by both but one has access and one doesn't? Check to see if the user who can't access has a account on this server. Next check to see if this account has access rights to the share [should be done by group membership].

Some suggestions as we resolve this;
1. you can set user names to have blank passwords so forgetting passwords isn't a issue. After all you would restict what those "student" accounts had access to.
2. a server with teacher stuff and a server with student stuff makes maintenance easier since you will be wiping student stuff more often then teachers stuff
3. the NT servers MUST have a defrag program installed like Diskeeper or the file system can become so fragmented the system will fail to function. W2K has a built in defrag.

Sounds like Dingo might be the PDc. Use dingo's server manager to sync the domain. See if this one user account appear on the other server. check event viewer concerning any replication errors.

Another test is create a new user on dingo2, sync the domain and see if that user apears on dingo.

If neither xfer either the trust between the machines has been lost or these are not correctly installed servers. Do a google search on nltest for the particulars in fixing this connection between servers.