JSI Tip 8912. When you open Active Directory Users and Computers or Active Directory Sites and Services on a Windows 2000 server, you receive 'Naming Information cannot be located because: Login attempt failed'?

When you attempt to modify Group Policy on the subject server, you receive:

Failed to open group policy: You may not have appropriate rights. The specified domain either does not exist or could not be located.

Dcdiag produces output similar to:

* Connecting to directory service on server <ServerName>.
\[<ServerName>\] LDAP bind failed with error 1323,
Unable to update the password. The value provided as the current password is incorrect.
***Error: The machine could not attach to the DC because the credentials were incorrect. Check your credentials or specify credentials with /u:<domain>\<user> & /p:\[<password>|*|""\]

This behavior will occur if the security policy has been by a virus.

To resolve this problem, use Recreatedefpol.exe - The Windows 2000 Default Group Policy Restore Tool.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.