account not allowing domain access

[Guest]

I have XP Pro with SP2 installed on a work laptop. I have two profiles on
this laptop - one local and one for the work domain. I used to always login
to the domain to access file server and printers. But whenever I needed to
install s/w or do updates, the domain would say I am not an administrator (to
install on the laptop). So I would log out and login on the local profile to
install / update.

Recently, the office PC wiz gave the local profile access to the domain so
the above wasn't necessary. At first I could access domain resources, but
now I can't print or access file server. Does anyone have suggestions?
Should we blow away both profiles and recreate a new, local profile with
domain access?

Thanks for any and all help!
RD

 

[Steven L Umbach]

Does it work when you logon to the domain? I would check with the person
that is responsible for configuring your computer for help with the problem.
Also description of what you mean by could not access and exact error
messages would help such as access denied or can not be found as there could
by many reasons why you are having a problem. For access denied you might
try entering user name in credentials prompt as domainname\username and of
course the logon password needs to be the same for the domain and local
account for access to work correctly. --- Steve

 

[Admiral Q]

Tell the local PC wiz to add your domain account to the laptop's local admin
group. This allows you to have your normal domain access, but makes you
part of the administrators group on the laptop. This is how we have the IT
development staff setup at our company, as they are always having to
install/uninstall software for various projects, along with some support
software that just won't run if you're anything less than an administrator.

 

[Guest]

Steve thanks for your reply. Below is more detail. If you need more details
like profile settings, please let me know where to get that so I can post
whatever info will help me resolve this issue.

When I open Settings, Printers and Faxes, the network printers have a status
of Unable to connect. When I use the Synchronization feature (that
previously worked fine), it gives a status of Failed and the message “Unable
to connect to \\LT2000s\LT-Data. The specified network name is no longer
available.†If I try to use the LTDOM login after booting up, it gives me
this message “The system could not log you on. Make sure the user name and
domain are correct, then type your password again.â€

Thx,
RD

 

[Guest]

Admiral Q,
Please see the comments to Steve. I'm checking with the internal person
who's been helping me to see if he tried your suggstions already.
Thanks,
RD

 

[Steven L Umbach]

It sounds like it could be a problem with wrong credentials, network
connectivity, and or name resolution.

Have the admin check the security logs of LT2000s to see if there are any
logon failures from your computer that could mean that you are using the
wrong user name and/or password. Also try pinging LT2000s to make sure you
have basic connectivity to it and if you can not ping by name try it's IP
address. Check the logs on your computer via Event Viewer to see if there
are any error/warnings that are related such as for userenv that indicate
Group Policy was not applied or the domain controller could not be contacted
for times that you are connected to the domain network. I would also use
ipconfig /all to make sure your computer is using only domain controllers as
preferred/alternate DNS servers and run the support tool netdiag to see if
any problems are found for dc discovery, dns, kerberos, or trust/secure
channel. I am assuming here that you are also having problems when you logon
with your domain user account. --- Steve

 

[Guest]

Steve,

Regarding your suggestions, here's what I've found so far.

- try pinging LT2000s to make sure you have basic connectivity to it and if
you can not ping by name try its IP Address. I can do both.

- check the logs on your computer via Event Viewer to see if there are any
error/warnings that are related such as for userenv that indicate Group
Policy was not applied or the domain controller could not be contacted for
times that you are connected to the domain network.
Every morning that I checked there was this message:

No Domain Controller is available for domain LTDOM due to the following:
There are currently no logon servers available to service the logon request.
Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

- I would also use ipconfig /all to make sure your computer is using only
domain controllers as preferred/alternate DNS servers.
The DNS Search list includes ltdom.lt.com, lt.com, which are the only dns
names we have.

We haven't tried your other two suggestion on the server yet. But
yesterday, we did reset my domain password and selected the create new
password upon next login. When I tried to reset my password through the pop
up window, it would not accept the old password that we just reset on the
server.

We're tempted to just delete my current domain user account and create a new
one by copying someone elses. What if any issues might this create when
trying to reconnect under the new account with respect to existing folder,
laptop permissions, etc.? In other words, what can cause issues that we
don't know about by taking this approach?

Thanks in advance!
RD