question

WileyWon-3228 avatar image
0 Votes"
WileyWon-3228 asked FanFan-MSFT commented

Server 2019 Essentials has locked me out

I performed a clean install of Server 2019 Essentials and all went well - to a point.
The machine has a fixed IP address of 10.1.10.10 on the local network and the DNS was pointed to the router at 10.1.10.1.

The installation finished (aborted?) without running any wizards or creating any shortcuts on the desktop. I guess that is one of the "improvements" in 2019 Essentials?
That's OK. I wasn't a fan of the Wizards in 2016 anyway.

I located Server Manager in Windows\System32. I was able to add the A/D and DNS roles and create a new forest named NWC.local.

I logged in as NWC\Administrator, located AD Users & Computers, added an Admin user, and rebooted, I logged in as NWC\Admin.
So far, so good.

My problems began when I renamed the machine from WIN-DTF36XN8LLS to NWC-DC1 and rebooted.

Now, when I try to log in as NWC\Administrator or NWC\Admin, I get "The security database of the server does not have a computer account for this workstation trust relationship."

If I try to log in as WIN-DTF36XN8LLS\Administrator or WIN-DTF36XN8LLS\Admin, I get "An attempt was made to logon, but the network logon service was not started."

If I try to log in as any other user name, I get "The user name or password is incorrect. Try again."

All this is happening at the console of the server. I have not yet tried to network any workstations.

What went wrong?

How am I going to get logged back into this computer?
Even if I drive three hours and boot this box with a Linux utility, I still won't know how to create a computer account or trust relationship.

windows-server-essentials
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

FanFan-MSFT avatar image
0 Votes"
FanFan-MSFT answered FanFan-MSFT commented

Hi,
Welcome to ask here!
From my side, i will try to restart the DC and enter the Directory Services Restore Mode.
Then change the DNS server point to the DC itself (127.0.0.1).
If there are any progress, welcome to share here!
Best Regards,

· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

This machine does not have iLO, so I have no way to get into AD Restore mode remotely.
So, tomorrow I will drive three hours and try it.
Do you think Restore Mode will be able to create a computer account and establish a trust relationship?
I'm still wondering why that didn't happen automatically when I added the AD role and promoted the server, but that didn't happen.

0 Votes 0 ·

Hi,
I'm not sure if it will work.
But for now, it is the only way to logon to the server.

Best Regards,

0 Votes 0 ·

Hi,
I am checking to see if the problem has been resolved.
If there's anything you'd like to know, don't hesitate to ask.
Best Regards,

0 Votes 0 ·
Show more comments