Re: Cannot change user passwords in SBS 2003

A run of the SBS Best Practices Analyzer is on order as well as examination
of the system and directory services event logs. Can the users change their
own password from the workstations.

Stako wrote:
> Hello,
>
> I cannot change passwords for any domain user in SBS "Active Directory
> Users and Computers".
>
> The steps are:
>
> 1. Start/Run
> 2. dsa.msc
> 3. Go to mydomain.local\MyBusiness\Users\SBSUsers
> 4. Right click on any user
> 5. Select "Reset password"
> 6. I enter the new password and click on OK
> 7. I get the error:
>
> Active Directory
> Windows cannot complete the password change for "username" because: A
> device attached to the system is not functioning.
>
> Same thing happens if I go through Server Management\Users.
>
> dcdiag does not give any errors.
>
> I searched google in any way I could think of but I found nothing on
> this...
>
> Please note that until now (about 3 years) the server didn't have any
> major problems and everything was setup using the SBS wizards.
>
> Any ideas?

--
/kj

Stako wrote:
> On Dec 10, 6:31 pm, "kj [SBS MVP]" <KevinJ....@SPAMFREE.gmail.com>
> wrote:
>> A run of the SBS Best Practices Analyzer is on order as well as
>> examination of the system and directory services event logs. Can the
>> users change their own password from the workstations.
>>
>>
>>
>> Stako wrote:
>>> Hello,
>>
>>> I cannot change passwords for any domain user in SBS "Active
>>> Directory Users and Computers".
>>
>>> The steps are:
>>
>>> 1. Start/Run
>>> 2. dsa.msc
>>> 3. Go to mydomain.local\MyBusiness\Users\SBSUsers
>>> 4. Right click on any user
>>> 5. Select "Reset password"
>>> 6. I enter the new password and click on OK
>>> 7. I get the error:
>>
>>> Active Directory
>>> Windows cannot complete the password change for "username" because:
>>> A device attached to the system is not functioning.
>>
>>> Same thing happens if I go through Server Management\Users.
>>
>>> dcdiag does not give any errors.
>>
>>> I searched google in any way I could think of but I found nothing on
>>> this...
>>
>>> Please note that until now (about 3 years) the server didn't have
>>> any major problems and everything was setup using the SBS wizards.
>>
>>> Any ideas?
>>
>> --
>> /kj
>
> The Best Practices Analyzer does not give any critical issues except
> that "Task Offloading is enabled". But I do not think this is the
> problem...
>
> Users cannot change passwords from their computers either.


So this says that the problem is more than just a dsa.msc and dependancies
problem. Post the exact error a user recieves when attempting a password
change *and* a complete output from;

dcdiag /c /v /e

....and you should disable task offloading as recommended int he BPA. No, I'd
be surprised if it's the culprit here, but it is not helping either.


--
/kj

Stako wrote:
> On Dec 11, 6:18 pm, "kj [SBS MVP]" <KevinJ....@SPAMFREE.gmail.com>
> wrote:
>> Stako wrote:
>>> On Dec 10, 6:31 pm, "kj [SBS MVP]" <KevinJ....@SPAMFREE.gmail.com>
>>> wrote:
>>>> A run of the SBS Best Practices Analyzer is on order as well as
>>>> examination of the system and directory services event logs. Can
>>>> the users change their own password from the workstations.
>>
>>>> Stako wrote:
>>>>> Hello,
>>
>>>>> I cannot change passwords for any domain user in SBS "Active
>>>>> Directory Users and Computers".
>>
>>>>> The steps are:
>>
>>>>> 1. Start/Run
>>>>> 2. dsa.msc
>>>>> 3. Go to mydomain.local\MyBusiness\Users\SBSUsers
>>>>> 4. Right click on any user
>>>>> 5. Select "Reset password"
>>>>> 6. I enter the new password and click on OK
>>>>> 7. I get the error:
>>
>>>>> Active Directory
>>>>> Windows cannot complete the password change for "username"
>>>>> because: A device attached to the system is not functioning.
>>
>>>>> Same thing happens if I go through Server Management\Users.
>>
>>>>> dcdiag does not give any errors.
>>
>>>>> I searched google in any way I could think of but I found nothing
>>>>> on this...
>>
>>>>> Please note that until now (about 3 years) the server didn't have
>>>>> any major problems and everything was setup using the SBS wizards.
>>
>>>>> Any ideas?
>>
>>>> --
>>>> /kj
>>
>>> The Best Practices Analyzer does not give any critical issues except
>>> that "Task Offloading is enabled". But I do not think this is the
>>> problem...
>>
>>> Users cannot change passwords from their computers either.
>>
>> So this says that the problem is more than just a dsa.msc and
>> dependancies problem. Post the exact error a user recieves when
>> attempting a password change *and* a complete output from;
>>
>> dcdiag /c /v /e
>>
>> ...and you should disable task offloading as recommended int he BPA.
>> No, I'd be surprised if it's the culprit here, but it is not helping
>> either.
>>
>> --
>> /kj
>
> Ok, thank you for the reply. The error message when a user tries to
> change his password from his computer is:
>
> "Unable to change the password on this account due to the following
> error:
>
> 31: A device attached to the system is not functioning
>
> Please consult your system administrator."
>
> Something else came up, I also cannot add a new computer to the
> domain. The error message is:
>
> "The following error occurred attempting to join the domain:
>
> An internal error occurred"
>
> ?he following are the results from dcdiag. I did not run all switches
> together because I could not capture the output, it was too big for
> cmd to show everything. So I run them separately.

you can use dcdiag /c /v /e >dcdiag.log

to redirect the output, then locate failures and errors.

It would appear that your AD database has issues perhaps with the log files.
Was any sort of a restore operation attempted, and if so, elaborate on how
this was performed and why please.


>
> --------------------------------------------------------------------------------------------------------
> C:\Documents and Settings\Administrator>dcdiag /c
>
> Domain Controller Diagnosis
>
> Performing initial setup:
> Done gathering initial info.
>
> Doing initial required tests
>
> Testing server: Default-First-Site-Name\MAIN
> Starting test: Connectivity
> ......................... MAIN passed test Connectivity
>
> Doing primary tests
>
> Testing server: Default-First-Site-Name\MAIN
> Starting test: Replications
> ......................... MAIN passed test Replications
> Starting test: Topology
> ......................... MAIN passed test Topology
> Starting test: CutoffServers
> ......................... MAIN passed test CutoffServers
> Starting test: NCSecDesc
> ......................... MAIN passed test NCSecDesc
> Starting test: NetLogons
> ......................... MAIN passed test NetLogons
> Starting test: Advertising
> ......................... MAIN passed test Advertising
> Starting test: KnowsOfRoleHolders
> ......................... MAIN passed test KnowsOfRoleHolders
> Starting test: RidManager
> ......................... MAIN passed test RidManager
> Starting test: MachineAccount
> ......................... MAIN passed test MachineAccount
> Starting test: Services
> IsmServ Service is stopped on [MAIN]
> ......................... MAIN failed test Services
> Starting test: OutboundSecureChannels
> ** Did not run Outbound Secure Channels test
> because /testdomain: was not entered
> ......................... MAIN passed test
> OutboundSecureChannels
> Starting test: ObjectsReplicated
> ......................... MAIN passed test ObjectsReplicated
> Starting test: frssysvol
> ......................... MAIN passed test frssysvol
> Starting test: frsevent
> ......................... MAIN passed test frsevent
> Starting test: kccevent
> ......................... MAIN passed test kccevent
> Starting test: systemlog
> An Error Event occured. EventID: 0x00000457
> Time Generated: 12/21/2009 09:41:30
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0x00000457
> Time Generated: 12/21/2009 09:41:30
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0xC0002719
> Time Generated: 12/21/2009 09:50:02
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0xC0002719
> Time Generated: 12/21/2009 09:50:44
> (Event String could not be retrieved)
> ......................... MAIN failed test systemlog
> Starting test: VerifyReplicas
> ......................... MAIN passed test VerifyReplicas
> Starting test: VerifyReferences
> ......................... MAIN passed test VerifyReferences
> Starting test: VerifyEnterpriseReferences
> ......................... MAIN passed test
> VerifyEnterpriseReferences
> Starting test: CheckSecurityError
> [MAIN] No security related replication errors were found on
> this DC! T
> o target the connection to a specific source DC use /ReplSource:<DC>.
> ......................... MAIN passed test CheckSecurityError
>
> DNS Tests are running and not hung. Please wait a few minutes...
>
> Running partition tests on : ForestDnsZones
> Starting test: CrossRefValidation
> ......................... ForestDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
> ......................... ForestDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : DomainDnsZones
> Starting test: CrossRefValidation
> ......................... DomainDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
> ......................... DomainDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : Schema
> Starting test: CrossRefValidation
> ......................... Schema passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Schema passed test CheckSDRefDom
>
> Running partition tests on : Configuration
> Starting test: CrossRefValidation
> ......................... Configuration passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Configuration passed test
> CheckSDRefDom
>
> Running partition tests on : domainSA
> Starting test: CrossRefValidation
> ......................... domainSA passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... domainSA passed test CheckSDRefDom
>
> Running enterprise tests on : domainSA.local
> Starting test: Intersite
> ......................... domainSA.local passed test
> Intersite
> Starting test: FsmoCheck
> ......................... domainSA.local passed test
> FsmoCheck
> Starting test: DNS
> ......................... domainSA.local passed test DNS
> --------------------------------------------------------------------------------------------------------
>
>
>
> --------------------------------------------------------------------------------------------------------
> C:\Documents and Settings\Administrator>dcdiag /v
>
> Domain Controller Diagnosis
>
> Performing initial setup:
> * Verifying that the local machine main, is a DC.
> * Connecting to directory service on server main.
> * Collecting site info.
> * Identifying all servers.
> * Identifying all NC cross-refs.
> * Found 1 DC(s). Testing 1 of them.
> Done gathering initial info.
>
> Doing initial required tests
>
> Testing server: Default-First-Site-Name\MAIN
> Starting test: Connectivity
> * Active Directory LDAP Services Check
> * Active Directory RPC Services Check
> ......................... MAIN passed test Connectivity
>
> Doing primary tests
>
> Testing server: Default-First-Site-Name\MAIN
> Starting test: Replications
> * Replications Check
> * Replication Latency Check
> * Replication Site Latency Check
> ......................... MAIN passed test Replications
> Test omitted by user request: Topology
> Test omitted by user request: CutoffServers
> Starting test: NCSecDesc
> * Security Permissions check for all NC's on DC MAIN.
> * Security Permissions Check for
> DC=ForestDnsZones,DC=domainSA,DC=local
> (NDNC,Version 2)
> * Security Permissions Check for
> DC=DomainDnsZones,DC=domainSA,DC=local
> (NDNC,Version 2)
> * Security Permissions Check for
> CN=Schema,CN=Configuration,DC=domainSA,DC=local
> (Schema,Version 2)
> * Security Permissions Check for
> CN=Configuration,DC=domainSA,DC=local
> (Configuration,Version 2)
> * Security Permissions Check for
> DC=domainSA,DC=local
> (Domain,Version 2)
> ......................... MAIN passed test NCSecDesc
> Starting test: NetLogons
> * Network Logons Privileges Check
> Verified share \\MAIN\netlogon
> Verified share \\MAIN\sysvol
> ......................... MAIN passed test NetLogons
> Starting test: Advertising
> The DC MAIN is advertising itself as a DC and having a DS.
> The DC MAIN is advertising as an LDAP server
> The DC MAIN is advertising as having a writeable directory
> The DC MAIN is advertising as a Key Distribution Center
> The DC MAIN is advertising as a time server
> The DS MAIN is advertising as a GC.
> ......................... MAIN passed test Advertising
> Starting test: KnowsOfRoleHolders
> Role Schema Owner = CN=NTDS
> Settings,CN=MAIN,CN=Servers,CN=Default-Firs
> t-Site-Name,CN=Sites,CN=Configuration,DC=domainSA,DC=loca l
> Role Domain Owner = CN=NTDS
> Settings,CN=MAIN,CN=Servers,CN=Default-Firs
> t-Site-Name,CN=Sites,CN=Configuration,DC=domainSA,DC=loca l
> Role PDC Owner = CN=NTDS
> Settings,CN=MAIN,CN=Servers,CN=Default-First-S
> ite-Name,CN=Sites,CN=Configuration,DC=domainSA,DC=loca l
> Role Rid Owner = CN=NTDS
> Settings,CN=MAIN,CN=Servers,CN=Default-First-S
> ite-Name,CN=Sites,CN=Configuration,DC=domainSA,DC=loca l
> Role Infrastructure Update Owner = CN=NTDS
> Settings,CN=MAIN,CN=Servers,
> CN=Default-First-Site-
> Name,CN=Sites,CN=Configuration,DC=domainSA,DC=loca l
> ......................... MAIN passed test KnowsOfRoleHolders
> Starting test: RidManager
> * Available RID Pool for the Domain is 2110 to 1073741823
> * main.domainSA.local is the RID Master
> * DsBind with RID Master was successful
> * rIDAllocationPool is 1610 to 2109
> * rIDPreviousAllocationPool is 1110 to 1609
> * rIDNextRID: 1537
> * Warning :There is less than 15% available RIDs in the
> current pool
> ......................... MAIN passed test RidManager
> Starting test: MachineAccount
> Checking machine account for DC MAIN on DC MAIN.
> * SPN found :LDAP/main.domainSA.local/domainSA.local
> * SPN found :LDAP/main.domainSA.local
> * SPN found :LDAP/MAIN
> * SPN found :LDAP/main.domainSA.local/domainSA
> * SPN found :LDAP/
> 593e4473-01e0-4b1d-8bb7-1bdf95904ea7._msdcs.domainSA
> .local
> * SPN found :E3514235-4B06-11D1-
> AB04-00C04FC2DCD2/593e4473-01e0-4b1d-8b
> b7-1bdf95904ea7/domainSA.local
> * SPN found :HOST/main.domainSA.local/domainSA.local
> * SPN found :HOST/main.domainSA.local
> * SPN found :HOST/MAIN
> * SPN found :HOST/main.domainSA.local/domainSA
> * SPN found :GC/main.domainSA.local/domainSA.local
> ......................... MAIN passed test MachineAccount
> Starting test: Services
> * Checking Service: Dnscache
> * Checking Service: NtFrs
> * Checking Service: IsmServ
> IsmServ Service is stopped on [MAIN]
> * Checking Service: kdc
> * Checking Service: SamSs
> * Checking Service: LanmanServer
> * Checking Service: LanmanWorkstation
> * Checking Service: RpcSs
> * Checking Service: w32time
> * Checking Service: NETLOGON
> ......................... MAIN failed test Services
> Test omitted by user request: OutboundSecureChannels
> Starting test: ObjectsReplicated
> MAIN is in domain DC=domainSA,DC=local
> Checking for CN=MAIN,OU=Domain
> Controllers,DC=domainSA,DC=local in dom
> ain DC=domainSA,DC=local on 1 servers
> Object is up-to-date on all servers.
> Checking for CN=NTDS Settings,CN=MAIN,CN=Servers,CN=Default-
> First-Site-
> Name,CN=Sites,CN=Configuration,DC=domainSA,DC=loca l in domain
> CN=Configuration,
> DC=domainSA,DC=local on 1 servers
> Object is up-to-date on all servers.
> ......................... MAIN passed test ObjectsReplicated
> Starting test: frssysvol
> * The File Replication Service SYSVOL ready test
> File Replication Service's SYSVOL is ready
> ......................... MAIN passed test frssysvol
> Starting test: frsevent
> * The File Replication Service Event log test
> ......................... MAIN passed test frsevent
> Starting test: kccevent
> * The KCC Event log test
> Found no KCC errors in Directory Service Event log in the
> last 15 minut
> es.
> ......................... MAIN passed test kccevent
> Starting test: systemlog
> * The System Event log test
> An Error Event occured. EventID: 0x00000457
> Time Generated: 12/21/2009 09:41:30
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0x00000457
> Time Generated: 12/21/2009 09:41:30
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0xC0002719
> Time Generated: 12/21/2009 09:50:02
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0xC0002719
> Time Generated: 12/21/2009 09:50:44
> (Event String could not be retrieved)
> ......................... MAIN failed test systemlog
> Test omitted by user request: VerifyReplicas
> Starting test: VerifyReferences
> The system object reference (serverReference)
> CN=MAIN,OU=Domain Controllers,DC=domainSA,DC=local and
> backlink on
> CN=MAIN,CN=Servers,CN=Default-First-Site-
> Name,CN=Sites,CN=Configuration
> ,DC=domainSA,DC=local
> are correct.
> The system object reference (frsComputerReferenceBL)
> CN=MAIN,CN=Domain System Volume (SYSVOL share),CN=File
> Replication Serv
> ice,CN=System,DC=domainSA,DC=local
> and backlink on CN=MAIN,OU=Domain
> Controllers,DC=domainSA,DC=local
> are correct.
> The system object reference (serverReferenceBL)
> CN=MAIN,CN=Domain System Volume (SYSVOL share),CN=File
> Replication Serv
> ice,CN=System,DC=domainSA,DC=local
> and backlink on
> CN=NTDS Settings,CN=MAIN,CN=Servers,CN=Default-First-Site-
> Name,CN=Sites
> ,CN=Configuration,DC=domainSA,DC=local
> are correct.
> ......................... MAIN passed test VerifyReferences
> Test omitted by user request: VerifyEnterpriseReferences
> Test omitted by user request: CheckSecurityError
>
> Running partition tests on : ForestDnsZones
> Starting test: CrossRefValidation
> ......................... ForestDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
> ......................... ForestDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : DomainDnsZones
> Starting test: CrossRefValidation
> ......................... DomainDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
> ......................... DomainDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : Schema
> Starting test: CrossRefValidation
> ......................... Schema passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Schema passed test CheckSDRefDom
>
> Running partition tests on : Configuration
> Starting test: CrossRefValidation
> ......................... Configuration passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Configuration passed test
> CheckSDRefDom
>
> Running partition tests on : domainSA
> Starting test: CrossRefValidation
> ......................... domainSA passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... domainSA passed test CheckSDRefDom
>
> Running enterprise tests on : domainSA.local
> Starting test: Intersite
> Skipping site Default-First-Site-Name, this site is outside
> the scope
> provided by the command line arguments provided.
> ......................... domainSA.local passed test
> Intersite
> Starting test: FsmoCheck
> GC Name: \\main.domainSA.local
> Locator Flags: 0xe00001fd
> PDC Name: \\main.domainSA.local
> Locator Flags: 0xe00001fd
> Time Server Name: \\main.domainSA.local
> Locator Flags: 0xe00001fd
> Preferred Time Server Name: \\main.domainSA.local
> Locator Flags: 0xe00001fd
> KDC Name: \\main.domainSA.local
> Locator Flags: 0xe00001fd
> ......................... domainSA.local passed test
> FsmoCheck
> Test omitted by user request: DNS
> Test omitted by user request: DNS
> --------------------------------------------------------------------------------------------------------
>
>
>
> --------------------------------------------------------------------------------------------------------
> C:\Documents and Settings\Administrator>dcdiag /e
>
> Domain Controller Diagnosis
>
> Performing initial setup:
> Done gathering initial info.
>
> Doing initial required tests
>
> Testing server: Default-First-Site-Name\MAIN
> Starting test: Connectivity
> ......................... MAIN passed test Connectivity
>
> Doing primary tests
>
> Testing server: Default-First-Site-Name\MAIN
> Starting test: Replications
> ......................... MAIN passed test Replications
> Starting test: NCSecDesc
> ......................... MAIN passed test NCSecDesc
> Starting test: NetLogons
> ......................... MAIN passed test NetLogons
> Starting test: Advertising
> ......................... MAIN passed test Advertising
> Starting test: KnowsOfRoleHolders
> ......................... MAIN passed test KnowsOfRoleHolders
> Starting test: RidManager
> ......................... MAIN passed test RidManager
> Starting test: MachineAccount
> ......................... MAIN passed test MachineAccount
> Starting test: Services
> IsmServ Service is stopped on [MAIN]
> ......................... MAIN failed test Services
> Starting test: ObjectsReplicated
> ......................... MAIN passed test ObjectsReplicated
> Starting test: frssysvol
> ......................... MAIN passed test frssysvol
> Starting test: frsevent
> ......................... MAIN passed test frsevent
> Starting test: kccevent
> ......................... MAIN passed test kccevent
> Starting test: systemlog
> An Error Event occured. EventID: 0x00000457
> Time Generated: 12/21/2009 09:41:30
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0x00000457
> Time Generated: 12/21/2009 09:41:30
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0xC0002719
> Time Generated: 12/21/2009 09:50:02
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0xC0002719
> Time Generated: 12/21/2009 09:50:44
> (Event String could not be retrieved)
> ......................... MAIN failed test systemlog
> Starting test: VerifyReferences
> ......................... MAIN passed test VerifyReferences
>
> Running partition tests on : ForestDnsZones
> Starting test: CrossRefValidation
> ......................... ForestDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
> ......................... ForestDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : DomainDnsZones
> Starting test: CrossRefValidation
> ......................... DomainDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
> ......................... DomainDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : Schema
> Starting test: CrossRefValidation
> ......................... Schema passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Schema passed test CheckSDRefDom
>
> Running partition tests on : Configuration
> Starting test: CrossRefValidation
> ......................... Configuration passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Configuration passed test
> CheckSDRefDom
>
> Running partition tests on : domainSA
> Starting test: CrossRefValidation
> ......................... domainSA passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... domainSA passed test CheckSDRefDom
>
> Running enterprise tests on : domainSA.local
> Starting test: Intersite
> ......................... domainSA.local passed test
> Intersite
> Starting test: FsmoCheck
> ......................... domainSA.local passed test
> FsmoCheck
> --------------------------------------------------------------------------------------------------------

--
/kj

Stako wrote:
> Ok, removed one drive from the RAID1 array and the errors about
> ntds.dit did not appear again. So this is not the issue.....

I'm not following that logic. It seems, at least with your original RAID
configuration, that you have a AD database integrity problem. If it isn't
presented in with the second drive and you are able to make AD
modifications, then an AD backup and RAID repair would seem to be indicated.

If your AD still has integrity issues then a restore would be indicated.
What data might be lost would be the difference between now and the backup
time, assuming that AD had made some changes along the way.

--
/kj

Stako wrote:
> I removed the second RAID disk so that I could image it and then
> convert the image to a VMWare VM. Also I saw some indications in the
> 'net that it could also be a hardware problem (the ntds.dit errors).
> Anyway, after booting with one hdd the errors went away. Could have
> been related but I think it was by chance.
>
> Anyway, I created the vmware VM, used that to do a test restoring the
> System State (AD etc), this went well, it succeded without errors and
> all problems were fixed, I could change user passwords, add new users
> etc. So then I did the same to the live SBS machine and all problems
> were fixed!
>
> The backup was a few days back but that wasn't a problem.
>
> Some minor issues came up in the event log after the AD restore but
> nothing serious, fixed those in 1-2 hours.
>
> So thanks for the advise to restore AD from the backup. It was indeed
> a problem with AD.

Pleased that you ultimately got to a good working state and thanks for
posting back.



--
/kj