Re: Unable to log on with a domain account
- From: "Hank Arnold (MVP)" <rasilon@xxxxxxx>
- Date: Tue, 23 Oct 2007 06:54:41 -0400
Dups wrote:
Ok - I found something that seems to have worked. I thought I would post it in case someone else has this same problem in the future.
We went from the domain to a workgroup. Changed the computer name to something we never used before and never used to put on the domain. Rebooted. Added the PC to the domain with this new name that we never used in the past. Rebooted and now we can log in fine with an AD account.
"Dups" wrote:
I have a workstation that is on the domain. My colleague logged on this morning using his domain username and was able to log on fine. Eventually, the PC was lagging and he decided to do a reboot. After rebooting he was unable to log on with his domain user account. He would get the following error "Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or becuase your computer account was not found."
So, we tried two other AD accounts and the same error occurs. I spoke with an AD admin and we tried the following. I had him flush the computer account from the domain controller. On the PC we removed the PC from the domain and added it to a workgroup. Did the required reboot. Logged on. I had the AD admin add the computer to the domain using the same computer name that he previously flushed. He authenticates the addition of the PC with the domain controller. It gives the welcome to the AD domain message and asks for us to reboot. So at this point it obviously has the ability to communicate with a domain controller.
I reboot after adding the computer to the domain and try logging on with my AD account. Same error.
I verified the local admin group and our AD accounts are in that group. I even removed my name and re-added my name to the group. That had no problem. Once again showing that it can communicate with the domain controller.
So basically I can do anything minus log on to the computer using AD accounts.
Anyone have any ideas? I'm baffled.
You may not have waited long enough for AD to completely delete the account. Do you have more than one DC?
I usually wait at least 15 minutes to let all the DCs replicate the changes.
--
Regards,
Hank Arnold
Microsoft MVP
Windows Server - Directory Services
.
- Follow-Ups:
- Re: Unable to log on with a domain account
- From: Dups
- Re: Unable to log on with a domain account
- Prev by Date: RE: Removing Certificate server
- Next by Date: Re: Locking down Mozilla
- Previous by thread: user account
- Next by thread: Re: Unable to log on with a domain account
- Index(es):
Relevant Pages
|
