DHCP user gets Account Disabled error frequently

D

dominictiberio

I have a user with a Windows XP SP2 laptop that is set to log in with
DHCP on our network (win 200 adv servers), however frequently she is
greeted with a message stating that her account is disabled and it is
keeping her from logging in. By removing the computer from the network
and onto a workgroup/rebooting/ and re-adding it to the domain it will
function properly again. She will work fine for weeks on end, but if
she travels to another location and logs in via DHCP there and then
goes back to her office we have to go through the remove/re-add again
each time.

What is going on here? Other DHCP users on WinXP SP1 have no trouble. I
have verified that the SP2 firewall is disabled. Any suggestions?

Thanks,
- DT
 
D

Dave Patrick

A little confusing. You mention "her account" which sounds like a user
account but later mention disjion/rejoin the pc to the domain which is the
computer account. DHCP in of itself would have nothing to do with either.
Might be the user joins it to another domain in the field?

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

|I have a user with a Windows XP SP2 laptop that is set to log in with
| DHCP on our network (win 200 adv servers), however frequently she is
| greeted with a message stating that her account is disabled and it is
| keeping her from logging in. By removing the computer from the network
| and onto a workgroup/rebooting/ and re-adding it to the domain it will
| function properly again. She will work fine for weeks on end, but if
| she travels to another location and logs in via DHCP there and then
| goes back to her office we have to go through the remove/re-add again
| each time.
|
| What is going on here? Other DHCP users on WinXP SP1 have no trouble. I
| have verified that the SP2 firewall is disabled. Any suggestions?
|
| Thanks,
| - DT
|
 
D

dominictiberio

Dave said:
A little confusing. You mention "her account" which sounds like a user
account but later mention disjion/rejoin the pc to the domain which is the
computer account. DHCP in of itself would have nothing to do with either.
Might be the user joins it to another domain in the field?

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect
Click to expand...

The "her account" was referring to the user. She is mainly at 1
location, but does travel with her laptop to our other locations. She
can join the network fine at the other locations via DHCP, but is the
only one having trouble at this locale. The user only connects to our
network here, so it is the same domain regardless of what location she
is at. Each location has its own win 2000 server that acts as a file
server and a DC for that location due to slow communication lines. The
DNS/DHCP servers are configured exactly alike at each location.

By disjoining/rejoining occasionally the problem is solved and she is
fine until she travels and logs in at another location and then upon
returning to her main office she gets an error stating that her account
is disabled (and it is not in AD). Logging in locally as the admin and
disjoin/rejoin generally fixes it until the next time as I said. The
main problem is that all of our laptops here are WinXP Sp1 and this is
the only newer one that is SP2, and it is strange that it is only at
this location that we have this problem and only with this one laptop.
Other users go from building to building and never have login issues. I
did ensure that the SP2 firewall was off.

The other oddity is that while she cannot login to the network (gets
the error about the account being disabled) I can VNC into the laptop
via the hostname in DNS or the IP address just fine... so DHCP and DNS
has to be OK it would seem. This is a strange one, and has me pretty
stumped at this point. Any help is appreciated.

Thanks,
- DT
 
D

Dave Patrick

This still doesn't make much sense. The user account and machine account are
two completely separate entities. the next time it happens have the user try
logging on to a different workstation. Also posting error messages verbatim
helps immensely.

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

| The "her account" was referring to the user. She is mainly at 1
| location, but does travel with her laptop to our other locations. She
| can join the network fine at the other locations via DHCP, but is the
| only one having trouble at this locale. The user only connects to our
| network here, so it is the same domain regardless of what location she
| is at. Each location has its own win 2000 server that acts as a file
| server and a DC for that location due to slow communication lines. The
| DNS/DHCP servers are configured exactly alike at each location.
|
| By disjoining/rejoining occasionally the problem is solved and she is
| fine until she travels and logs in at another location and then upon
| returning to her main office she gets an error stating that her account
| is disabled (and it is not in AD). Logging in locally as the admin and
| disjoin/rejoin generally fixes it until the next time as I said. The
| main problem is that all of our laptops here are WinXP Sp1 and this is
| the only newer one that is SP2, and it is strange that it is only at
| this location that we have this problem and only with this one laptop.
| Other users go from building to building and never have login issues. I
| did ensure that the SP2 firewall was off.
|
| The other oddity is that while she cannot login to the network (gets
| the error about the account being disabled) I can VNC into the laptop
| via the hostname in DNS or the IP address just fine... so DHCP and DNS
| has to be OK it would seem. This is a strange one, and has me pretty
| stumped at this point. Any help is appreciated.
|
| Thanks,
| - DT
|
 
D

dominictiberio

Dave said:
This still doesn't make much sense. The user account and machine account are
two completely separate entities. the next time it happens have the user try
logging on to a different workstation. Also posting error messages verbatim
helps immensely.

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect
Click to expand...

OK, the best I can find is that on the server in the event log I have
event ID 5723 entries from that terminal. I understand that the user
account and the computer account are not associated, and I know for a
fact it is not a user account issue, but that is the error she gets
when trying to log in.

The only other strange phenomenon is that upon getting a DHCP lease and
logging in, the entry in the DHCP server under leases shows the other
(that logs in fine) laptop as laptop1.mycompany.lan as the name, and
this laptop shows as just: "laptop2." with no domain afterwards. I have
checked HKLM under tcpip parameters, and the correct domain is there.

It seems like it is either related to the computer name, or it may be a
DNS issue. It is a strange problem and there really are no error
messages to quote unfortunately. She can log in fine at any of the
desktop PC's at the location that have static IP's. And other laptop
users can log in fine via DHCP at this location.

- DT
 
D

Dave Patrick

OK, that seems to narrow it down to the computer account; not the user
account. These articles may help.

http://support.microsoft.com/?kbid=216393
http://support.microsoft.com/?kbid=260575
http://support.microsoft.com/?kbid=831348
http://support.microsoft.com/?kbid=150518
http://support.microsoft.com/?kbid=823659

--

Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

| OK, the best I can find is that on the server in the event log I have
| event ID 5723 entries from that terminal. I understand that the user
| account and the computer account are not associated, and I know for a
| fact it is not a user account issue, but that is the error she gets
| when trying to log in.
|
| The only other strange phenomenon is that upon getting a DHCP lease and
| logging in, the entry in the DHCP server under leases shows the other
| (that logs in fine) laptop as laptop1.mycompany.lan as the name, and
| this laptop shows as just: "laptop2." with no domain afterwards. I have
| checked HKLM under tcpip parameters, and the correct domain is there.
|
| It seems like it is either related to the computer name, or it may be a
| DNS issue. It is a strange problem and there really are no error
| messages to quote unfortunately. She can log in fine at any of the
| desktop PC's at the location that have static IP's. And other laptop
| users can log in fine via DHCP at this location.
|
| - DT
|
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Got DHCP address; Vista machine says No Router 5
Pass Change Issue 10
Firewall? 1
Lock user from altering account 1
WAP and DHCP handoff 0
Outlook does not Automatically Send/Receive 3
Accessing files in windows 2000 1
Problems when someone else owns the laptop you use. 5

Top