One user cannot log into domain

[Guest]

I apologize in advance if this is not the correct location for this.

What I have is a small network, with a Win2003 DC and 10 workstations. On
the server, there is a security group called "people." All users are members
of the group "people". Each XP workstation is joined to the domain, and each
has domain name\people in the local administrators group. That way they can
be local admins on their personal machine. Any user can go to any machine
and log into the domain. What we've gotten all of a sudden, is on one
particular machine, one particular user can no longer log in to the domain.
They get the invalid username or password error message. The username and
password are correct, as we can log into any of the other workstations using
those credentials, just not this one. This user has been able to log in to
this workstation before, just not in the last month or so. I checked the
folder for this user in documents and settings and checked effective
permissions and all are granted. I just cannot figure out where to go now.
All other users can log into this machine with no problem. I don't see
anything in the event viewer relating to this, so I'm out of ideas. I am
assuming that possibly the SID for this user is cached somewhere and it's
corrupt or something along those lines, but I don't know where that would be.
Any help, or ideas would be greatly appreciated. Thanks.

John

 

[Lanwench [MVP - Exchange]]

In

I apologize in advance if this is not the correct location for this.

What I have is a small network, with a Win2003 DC and 10
workstations. On the server, there is a security group called
"people." All users are members of the group "people". Each XP
workstation is joined to the domain, and each has domain name\people
in the local administrators group. That way they can be local admins
on their personal machine.

Oooh, that is a bad idea. What's the justification for that?

Any user can go to any machine and log
into the domain. What we've gotten all of a sudden, is on one
particular machine, one particular user can no longer log in to the
domain. They get the invalid username or password error message. The
username and password are correct, as we can log into any of the
other workstations using those credentials, just not this one. This
user has been able to log in to this workstation before, just not in
the last month or so. I checked the folder for this user in
documents and settings and checked effective permissions and all are
granted. I just cannot figure out where to go now. All other users
can log into this machine with no problem. I don't see anything in
the event viewer relating to this, so I'm out of ideas. I am
assuming that possibly the SID for this user is cached somewhere and
it's corrupt or something along those lines, but I don't know where
that would be. Any help, or ideas would be greatly appreciated.
Thanks.

If you use roaming profiles, delete the locally cached copy. Or, rename the
roaming profile folder and have the user log in to re-create the roaming
one.
Or, blow away the user's cached profile (control panel | system ....) and
try again, and recreate the profile.

You should also download & install the "User Profile Hive Cleanup Utility"
from MS - on all machines. It helps a lot.

There are too many dangerous things that users can deliberately, or
inadvertently, do when they have local administrator rights - or even power
user. I would remove "People" from the local admin groups immediately - if
you keep your workstations standard/stable, you are unlikely to have many
problems with them.