JSI Tip 3156. Can I log on without the Active Directory Client?

If you search in the Windows 2000 Server help file, Active Directory client / Troubleshooting claims:

"Clients without Active Directory client software installed cannot log on.

Cause: The primary domain controller emulator is not available. This may be caused by a network connectivity problem. It may also be due to a failure of the computer holding the primary domain controller emulator role.

Solution: Resolve the network connectivity problem. Or, repair or replace the computer holding the primary domain controller emulator role. It may be necessary to seize the primary domain controller emulator role."

This is NOT correct, you can be authenticated with NTLM by any domain controller, it does NOT have to be the PDC FSMO.

I know of two exceptions:

1. If your passowrd has expired and you are running a downlevel client, NT 4.0 or W9x, you MUST have the Active Directory Client in order to log on.

2. If you are running a downlevel client, the Active Directory Client is required to change your password, unless the PDC FSMO is available.


Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish