Announcement

Collapse
No announcement yet.

login trouble: cannot find DOMAIN (Windows 2003 Server)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • login trouble: cannot find DOMAIN (Windows 2003 Server)

    I am have intermittent trouble with several of my client PCs attempting to either a) join the domain, or; b) login to the domain.

    I am running Windows 2003 SBS with all the latest patches and client machines running Win XP Pro SP2 with all the latest patches.

    This is odd, as this happens a lot, but not every time, and I have yet to be able to isolate why it works when it does.

    This is a very small network of 8 or so PCs. Wndows 2003 Server (SBS) is PDC, DNS Server and WINS server, except not a DHCP server. DHCP leases are provided by the router/firewall.

    Domain is gillco2.local. Server IP address 192.168.0.29. DHCP server provides IP address and domain name. Each client machine shows DNS servers as 192.168.0.29 and secondary of 192.168.0.1 (router/gateway address, for use when server is down, allowing Internet access). DHCP client machines show WINS server address, but do not have DNS suffix hard-coded. ipconfig confirms that the DHCP client is receiving IP address, full domain suffix and gateway. Some client machines have fixed IP addresses, and on those machines, the DNS suffix is "hard-coded" on the network connection.

    Once I get a client PC to join the domain, it is hit or miss if I am able to login to the domain again. This is true equally on DHCP client machines and fixed-IP client machines. At all times, however, network is fully funcitonal with full Internet access, and ping locally and externally. Additionally, although I cannot login to the domain, I get full resolution of a ping command naming the SBS Server, i.e., "ping DELLSERVER," or
    ping DELLSERVER.GILLCO2.LOCAL.

    Any thoughts would be appreciated.

  • #2
    > Each client machine shows DNS servers as 192.168.0.29 and secondary of 192.168.0.1

    That could be a problem. If your DC does not respond in time (for whatever reason) the workstations fails over to the other DNS that has never heard of your domain. If that happens you cannot log on, join, or do anything. You can verify this scenario using a sniffer in promiscuous mode.

    I don't think your DNS client configuration is a very good idea. All DNS servers should at least see the same namespace in order to be predictive.

    Comment


    • #3
      This is almost certainly going to be a DNS issue. Why cant your DC be the DHCP server? Have you tried a Windows 2000 client? What about the client firewall (shouldnt make a differenec but worth a try)?
      Server 2000 MCP
      Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

      Comment


      • #4
        Thanks guys.

        I am rethinking my architecture. I had wanted DHCP server to be external, and for client PCs to have access to Internet in the event that DC was down, so I have used a separate hardware firewall and DHCP server, and had each client point to the router/gateway for the second DNS server. Perhaps all that is causing undue problems.

        I did remove the secondary DNS server entry (the router/gateway), and I am getting fewer problems -- all of which, by the way, seem to be caused by the client PC not being able to athenticate to the domain. I still have a two laptops that are giving me problems, so the issue is not solved.

        All client machines run XP, so I cannot comment on the Win 2000 issue.

        Firewall is not an issue, even on client machines. I wonder, however, about AV programs. I have read about some anti-virus programs interfering with domain authentication. I am using Norton Internet Security 2004 installed on the client.

        I will also try using the native DHCP server in Win 2003 server, and disabling the external DHCP server.

        Comment


        • #5
          Let us know how that goes. Good luck
          Server 2000 MCP
          Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

          ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

          Comment


          • #6
            Re: login trouble: cannot find DOMAIN (Windows 2003 Server)

            I am having this same issue.

            Have you checked your event log on the server?

            just for *** & ***** try typing the password wrong to see if you get the same error message.

            Comment

            Working...
            X