Windows 2000 server sees NT4 BDC computer name as user account

  • Section(s): TroubleShooting
  • Published on Apr 20, 2004.
  • Last Modified on Apr 20, 2004.
  • Last Modified by Wayne Maples.
  • Rated 5 out of 5 based on 2 votes.
If you have a mixed mode Windows 2000 domain where the PDC is Windows 2000, you can have problems with how the Windows 2000 PDC handles the machine accounts from Windows NT. It the secure account for an existing NT4 BDC gets out of synch, you can use the nltest.exe utility from Windows 2000 to reset the server account password. See How to Use NLTEST to Force a New Secure Channel

If it is a new BDC, and you have already added the BDC machine name, delete it. Recreate it using the Windows 2000 Directory Manager snap-in:

Start ADSI Edit and view the userAccountControl property for the new computer object.

Change the value of the userAccountControl object to 8192 from the default of 4128.

After this, you should be able to install the Windows NT4 BDC. Now the Windows 2000 PDC will recognize that the machine account (ends in $ as in waynespc$) is a computer object not a user object.

Taken from Q221826 . Check to see if there is updated information or other workarounds. Microsoft periodically updates these KB articles.

About Wayne Maples


Article not looking right or info is missing? Let us know so that we can fix it: .


Receive all the latest articles by email!

Receive Real-Time & Monthly WindowsNetworking.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowsNetworking.com member!

Discuss your network issues with thousands of other network administrators. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred Anti Spam Hardware solution?

Follow TechGenix on Twitter