Network Login Problem; xp workstation can't find domain

G

Guest

Problem is have 1 or more xp pro workstations that cannot logon to the
network. The error message says username/password issue OR domain <name> is
unavailable.

It's not always the same machine(s) being affected.

I am wondering if a wireless router could be causing the
problem....competing DHCP from firewall and wireless router. Is that
possible?I manage a domain with a win2k server and a 2003 server as domain
controllers. Workstations in domain are pretty much all xp pro. THey are
replicating.

There is one 98 box and one XP Home machine connected to the network.
 
C

Chuck

Problem is have 1 or more xp pro workstations that cannot logon to the
network. The error message says username/password issue OR domain <name> is
unavailable.

It's not always the same machine(s) being affected.

I am wondering if a wireless router could be causing the
problem....competing DHCP from firewall and wireless router. Is that
possible?I manage a domain with a win2k server and a 2003 server as domain
controllers. Workstations in domain are pretty much all xp pro. THey are
replicating.

There is one 98 box and one XP Home machine connected to the network.
Click to expand...

I'd bet a DHCP or DNS issue. DHCP could lead to the DNS issue, and a WiFi
router (or any router) could lead to the DHCP problem. If the router has DHCP
enabled.

If you have a Windows 2000 / 2003 domain, you should have DHCP and DNS very
carefully setup.
<http://nitecruzr.blogspot.com/2005/05/windows-xp-on-nt-domain.html>
http://nitecruzr.blogspot.com/2005/05/windows-xp-on-nt-domain.html

If you have a rogue DHCP server, that doesn't have the right settings, you'll
have intermittent problems like this.

Look at "ipconfig /all", from each problem computer, and from one or two working
computers, and diagnose the problem.
<http://nitecruzr.blogspot.com/2005/05/troubleshooting-network-neighborhood.html#AskingForHelp>
http://nitecruzr.blogspot.com/2005/05/troubleshooting-network-neighborhood.html#AskingForHelp
 
G

Guest

I'll try unplugging the wireless router for a week and see what happens.
Previous week there definitely was a DNS issue. The two servers were not
replicating. Backed up systemstate. Ended up removing DNS from 2003 server.
Tested. Then ran DCPromo to removed Active Directory. Rebooted then
reinstalled DNS and ran DCPromo again. The servers were doing fine by last
friday.

So I am pretty sure DNS/Active Directory is not the domain issue. The only
thing I can remember that changed since last Friday is a request to plug in
the wireless router. So I moved it and plugged it in for a user.

2 days later, I'm installing some devices onto a workstation and my
workstation can't find the domain.
 
C

Chuck

I'll try unplugging the wireless router for a week and see what happens.
Previous week there definitely was a DNS issue. The two servers were not
replicating. Backed up systemstate. Ended up removing DNS from 2003 server.
Tested. Then ran DCPromo to removed Active Directory. Rebooted then
reinstalled DNS and ran DCPromo again. The servers were doing fine by last
friday.

So I am pretty sure DNS/Active Directory is not the domain issue. The only
thing I can remember that changed since last Friday is a request to plug in
the wireless router. So I moved it and plugged it in for a user.

2 days later, I'm installing some devices onto a workstation and my
workstation can't find the domain.
Click to expand...

I'll get you thru this, if you work with me. How much can you learn by
unplugging the WiFi router?

If you HAVE DNS setup on the domain, then I'll bet the router is a rogue DHCP
server.

Compare ipconfig between working and problem computers.

Don't unplug the thing, check its setup. And check the setup on the computers.
Know what the problem is. If you're going to manage a domain, you need to know
more than what you learn by unplugging the router for a week. Of course, your
user who has to do without the router for a week won't be so thrilled either.
 
G

Guest

The question is how to set up the wireless router. Can I make it just it an
access point? The Dlink wireless router, possible rogue, is plugged into one
of the ports on the sonicwall. DLink is 192.168.0.1.

The main DHCP server is the sonicwall firewall 192.168.1.1. Network/Domain
DNS provided by a Win2K Srv (192.168.1.2) and Win2003 Srv (192.168.1.3).

Thoughts, Chuck?
 
G

Guest

The main reason for unplugging the wireless router is that I don't remember
this issue happening before the wireless router was powered up.

I hear what you're saying about checking the ip configurations. Here's the
2nd wrinkle. I can't logon to the machine locally. No one at the school
knows what the local administrator password is. I'm going through and
changing it when I can by. I could not login to the domain on this machine
 
G

Guest

reread your previous post. So log into the wireless router and disable
DHCP. (rather than simply unplug it)
 
C

Chuck

reread your previous post. So log into the wireless router and disable
DHCP. (rather than simply unplug it)
Click to expand...

The best idea is indeed to make it a WAP.
# Don't connect the WAN on the WiFi router to anything. Connect a LAN port on
the router, as a peer, to the main router.
# Change the LAN on the WiFi router, to a fixed address on the main LAN, but
outside the scope of the DHCP server. This is if you want to be able to manage
it from a computer on the LAN.
# Disable the DHCP server on the WiFi router.
<http://nitecruzr.blogspot.com/2005/06/file-sharing-on-lan-with-two-routers.html>
http://nitecruzr.blogspot.com/2005/06/file-sharing-on-lan-with-two-routers.html

And I hear your frustration. I'll help you any way I can.

BTW, you are securing the WiFi LAN, I hope?
<http://nitecruzr.blogspot.com/2005/05/setting-up-wifi-lan-please-protect.html>
http://nitecruzr.blogspot.com/2005/05/setting-up-wifi-lan-please-protect.html
 
G

Guest

Chuck thanks for the links to you blogspot articles. Nice tools and such.
Never knew about net config command. Awesome stuff.

You answered my question about which port. WOnderful. I'll be at the
school at 7:3O am to make those suggested changes. I'll let you know.

Take care,

Nate
 
G

Guest

Chuck, I made the changes you recommended this morning at the school.
Hopefully the problem will be solved. I will let you know.
 
G

Guest

Chuck, it doesn't look like making those changes to the dlink router did NOT
solve this pesky login problem. Problem moves from machine/user account to
machine/user account. The will get the same message domain being
unavailable. So I'm guessing it's not with the workstation. Something
central.

I will look at DC logs and one of the problematic logs to see what entries
are there to give more clues. There seems to have been 1 type of login
problem or another on this network.

Server logs seem like the next place to start.
 
C

Chuck

Chuck, it doesn't look like making those changes to the dlink router did NOT
solve this pesky login problem. Problem moves from machine/user account to
machine/user account. The will get the same message domain being
unavailable. So I'm guessing it's not with the workstation. Something
central.

I will look at DC logs and one of the problematic logs to see what entries
are there to give more clues. There seems to have been 1 type of login
problem or another on this network.

Server logs seem like the next place to start.
Click to expand...

Nate,

The server logs are good to look at. But you should make sure that you know
what difference your changes made, if anything. You're going to need to look at
the "ipconfig /all" output, from working and non-working computers, to start.
If your network is IP based, that's the bottom layer. Start at the bottom.
<http://nitecruzr.blogspot.com/2005/08/solving-network-problems-tutorial.html>
http://nitecruzr.blogspot.com/2005/08/solving-network-problems-tutorial.html
<http://nitecruzr.blogspot.com/2005/05/reading-ipconfig-and-diagnosing.html>
http://nitecruzr.blogspot.com/2005/05/reading-ipconfig-and-diagnosing.html
 
G

Guest

Chuck,

I have solved a bit of the Domain not available issue. While I was fixing a
firewall/dhcp device errors, I using my laptop to check IP addresses, etc. on
Friday. Well, imagine my surprise when I found out DHCP services were also
being offered on the network by the Win2K DC... Changing DHCP scopes so none
overlapped seemed to do the trick. Check this morning and seems like things
are moving better.

THere is still a DNS issue with the 2000 and 20t03 Servers not properly
replicating. I'll solve that one.

So far so good this week. Thanks a BUNCH for all you help.
 
R

Richard G. Harper

One thing you might want to check is DNS settings - be sure that both
servers are looking to the same DNS server for name resolution. You might
also consider checking event logs to see if they have any clues as to the
failure to synchronize. You could also install the Windows Server 2003
Administration Tools and use the Replication Monitor to see what's happening
between the DCs in real-time.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
G

Guest

Thanks Richard and Chuck....things are running much better. Login issue
solved. I did fix the DC Replication error. Found some great tools to use
in the Server 2003 Admin Tools collection you mentioned.

Here's the deal: when I got the network there were 3 possible DHCP
servers...DLink Wireless router, Sonicwall firewall, and Win2K AD Server...
I initially didn't know about the wireless nor the Win2K box. Funny little
login issue occurred. I could tell how often or how long this had been going
on until I had a chance to visit with all of this small school's faculty.
They let me know these type of issues had been going on for about a year...
So I configured the Dlink as an access point with Chucks help.
Have since disabled the DHCP on the Sonicwall.
DCdiag and Readmin gave me great tools to troubleshoot and solve the
replication error.

So now having turned off DHCP on the sonicwall, I'm off to figure out how I
can get it to give me an IP when I connect with my sonicwall client.

Richard G. Harper said:
One thing you might want to check is DNS settings - be sure that both
servers are looking to the same DNS server for name resolution. You might
also consider checking event logs to see if they have any clues as to the
failure to synchronize. You could also install the Windows Server 2003
Administration Tools and use the Replication Monitor to see what's happening
between the DCs in real-time.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


Nate said:
Chuck,

I have solved a bit of the Domain not available issue. While I was fixing
a
firewall/dhcp device errors, I using my laptop to check IP addresses, etc.
on
Friday. Well, imagine my surprise when I found out DHCP services were
also
being offered on the network by the Win2K DC... Changing DHCP scopes so
none
overlapped seemed to do the trick. Check this morning and seems like
things
are moving better.

THere is still a DNS issue with the 2000 and 20t03 Servers not properly
replicating. I'll solve that one.

So far so good this week. Thanks a BUNCH for all you help.
Click to expand...
Click to expand...
 
C

Chuck

Rogue DHCP servers can cause grief indeed. Glad it worked out for you.
Thanks Richard and Chuck....things are running much better. Login issue
solved. I did fix the DC Replication error. Found some great tools to use
in the Server 2003 Admin Tools collection you mentioned.

Here's the deal: when I got the network there were 3 possible DHCP
servers...DLink Wireless router, Sonicwall firewall, and Win2K AD Server...
I initially didn't know about the wireless nor the Win2K box. Funny little
login issue occurred. I could tell how often or how long this had been going
on until I had a chance to visit with all of this small school's faculty.
They let me know these type of issues had been going on for about a year...
So I configured the Dlink as an access point with Chucks help.
Have since disabled the DHCP on the Sonicwall.
DCdiag and Readmin gave me great tools to troubleshoot and solve the
replication error.

So now having turned off DHCP on the sonicwall, I'm off to figure out how I
can get it to give me an IP when I connect with my sonicwall client.

Richard G. Harper said:
One thing you might want to check is DNS settings - be sure that both
servers are looking to the same DNS server for name resolution. You might
also consider checking event logs to see if they have any clues as to the
failure to synchronize. You could also install the Windows Server 2003
Administration Tools and use the Replication Monitor to see what's happening
between the DCs in real-time.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


Nate said:
Chuck,

I have solved a bit of the Domain not available issue. While I was fixing
a
firewall/dhcp device errors, I using my laptop to check IP addresses, etc.
on
Friday. Well, imagine my surprise when I found out DHCP services were
also
being offered on the network by the Win2K DC... Changing DHCP scopes so
none
overlapped seemed to do the trick. Check this morning and seems like
things
are moving better.

THere is still a DNS issue with the 2000 and 20t03 Servers not properly
replicating. I'll solve that one.

So far so good this week. Thanks a BUNCH for all you help.
Click to expand...
Click to expand...
Click to expand...
 
R

Richard G. Harper

I'm glad I was able to help you get it sorted out.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


Nate said:
Thanks Richard and Chuck....things are running much better. Login issue
solved. I did fix the DC Replication error. Found some great tools to
use
in the Server 2003 Admin Tools collection you mentioned.

Here's the deal: when I got the network there were 3 possible DHCP
servers...DLink Wireless router, Sonicwall firewall, and Win2K AD
Server...
I initially didn't know about the wireless nor the Win2K box. Funny
little
login issue occurred. I could tell how often or how long this had been
going
on until I had a chance to visit with all of this small school's faculty.
They let me know these type of issues had been going on for about a
year...
So I configured the Dlink as an access point with Chucks help.
Have since disabled the DHCP on the Sonicwall.
DCdiag and Readmin gave me great tools to troubleshoot and solve the
replication error.

So now having turned off DHCP on the sonicwall, I'm off to figure out how
I
can get it to give me an IP when I connect with my sonicwall client.

Richard G. Harper said:
One thing you might want to check is DNS settings - be sure that both
servers are looking to the same DNS server for name resolution. You
might
also consider checking event logs to see if they have any clues as to the
failure to synchronize. You could also install the Windows Server 2003
Administration Tools and use the Replication Monitor to see what's
happening
between the DCs in real-time.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


Nate said:
Chuck,

I have solved a bit of the Domain not available issue. While I was
fixing
a
firewall/dhcp device errors, I using my laptop to check IP addresses,
etc.
on
Friday. Well, imagine my surprise when I found out DHCP services were
also
being offered on the network by the Win2K DC... Changing DHCP scopes
so
none
overlapped seemed to do the trick. Check this morning and seems like
things
are moving better.

THere is still a DNS issue with the 2000 and 20t03 Servers not properly
replicating. I'll solve that one.

So far so good this week. Thanks a BUNCH for all you help.
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Unable to access default shares on domain 1
Domain Login Slow 2
domain/workgroup login problem 2
WinXP-Pro Trust Relationship Failed to Join Domain 1
Can't access shared files on network 2
cannot obtain domain controller name 3
Problem mapping network shares in domain 3
Unable to ping a workstation 7

Top