Re: Windows cannot bind to domain (Time Out)

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

If you want to determine if the users are authenticating via cached
credentials open up a command prompt and type in "set logonserver" if it
doesn't have one of your dc's in there (Has the local system) then you know
this system is using cached credentials.

To disable cached credentials see the following:

http://support.microsoft.com/default.aspx?scid=kb;en-us;242536

If W2K users aren't having problems then I doubt that this is a cache
credential problem.

--


Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.


"webby" <webby@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:323FC857-621E-4D36-800C-E60BBF8B25E8@xxxxxxxxxxxxxxxx
> Thank both of you for your replies. Some additional info:
> There are two Windows 2000 pro clients that are in these remote offices,
and
> they are not affected as the XP Pro clients are. I can browse to the
sysvol
> share. The XP firewall is off and the PIX config has not changed in two
years
> that these clients could connect. How do I get rid of the cached
> credentials? I really need to resolve this as the people in these offices
> cannot work :( I will need to check the reverse lookups, I only checked
the
> forward lookups.
>
>
> "Paul Bergson" wrote:
>
> > Here is a detailed explanation of cached credentials and how they could
> > pertain specifically to your scenario.
> >
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Operations/0bead5a1-afba-4c58-984b-11881be5348e.mspx
> >
> > When you say you have validated the dns have you tried both forward and
> > reverse lookups? Does the PIX appliance block any ports(Or is there a
> > firewall that could be doing this)? Is the xp (sp2) firewall blocking
any
> > ports.
> >
> > You can check to see if the sysvol share is connectible by opening up
> > Windows Explorer and in the address line enter \\domain_name\sysvol
example
> > \\microsoft.com\sysvol. This where your gpo's are stored.
> >
> >
> > --
> >
> >
> > Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
> >
> > This posting is provided "AS IS" with no warranties, and confers no
rights.
> >
> >
> > "webby" <webby@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> > news:B5A37408-2AD3-4AFE-A279-80CC364EC0B2@xxxxxxxxxxxxxxxx
> > > I can do a nslookup from the XP machine with no problems. I have not
> > checked
> > > cached credentials yet, that is on the Manage Passwords tab, yes?
Could
> > all 5
> > > machines be having a cached credentials issue, what would cause that?
> > Where
> > > else should I be checking to resolve this? Thanks for the help.
> > >
> > > "Paul Bergson" wrote:
> > >
> > > > Two things pop into my mind DNS and Cached Credentials.
> > > >
> > > > Couple of quick things
> > > > Can you do an nslookup correctly
> > > > Run a trace route back from the XP machine
> > > > Check your reverse zone to make sure it is correct
> > > >
> > > > Check out these two locations for users with similar problems
> > > >
> > > >
> >
http://www.eventid.net/display.asp?eventid=1006&eventno=2187&source=Userenv&phase=1
> > > >
> > > >
> >
http://www.eventid.net/display.asp?eventid=1053&eventno=1584&source=Userenv&phase=1
> > > >
> > > >
> > > > --
> > > >
> > > > Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
> > > >
> > > > This posting is provided "AS IS" with no warranties, and confers no
> > rights.
> > > >
> > > >
> > > > "webby" <webby@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> > > > news:C728C673-3E6F-476B-BFD3-933FA6C50B9F@xxxxxxxxxxxxxxxx
> > > > > I am getting this error (Event Id 1006 userenv) along with event
id
> > 1053
> > > > on
> > > > > XP clients that are connecting to our domain via a VPN over a PIX.
> > This
> > > > has
> > > > > worked for quite some time and now it is causing 45 minutes to
apply
> > > > computer
> > > > > settings, clients cannot access our Exchange server and GPO's are
not
> > > > being
> > > > > applied. There are no errors server side. I have checked DNS and I
do
> > not
> > > > see
> > > > > anything wrong. What will cause this error and how do I resolve
this?
> > > > Thanks.
> > > >
> > > >
> > > >
> >
> >
> >


.

Relevant Pages

  • Forcing authentication with a specific DC
    ... authenticates with the firewall through this site. ... is no direct internet access anywhere but in Site A. ... credentials are wrong and to enter new ones. ... but the Citrix server is still ...
    (microsoft.public.win2000.security)
  • How (best) to use web-from entry of an OTP/OPIE password to control a PF-firewall?
    ... I'm in the process of setting up my own network for my small office. ... I understand how to set up OpenVPN passthrough from a remote client ... I've installed the Lighttpd web server on the firewall. ... If the credentials are VERIFIED, then I'd like to "talk to" the PF ...
    (Security-Basics)
  • Re: How (best) to use web-from entry of an OTP/OPIE password to control a PF-firewall?
    ... I'm in the process of setting up my own network for my small office. ... I understand how to set up OpenVPN passthrough from a remote client ... I've installed the Lighttpd web server on the firewall. ... If the credentials are VERIFIED, then I'd like to "talk to" the PF ...
    (Security-Basics)
  • Integrated Authentication with trusted domain.
    ... under an app pool that is a member of INSIDE.DOMAIN. ... from outside the firewall I get prompted for credentials as expected. ... prefixes the username with the machine name. ...
    (microsoft.public.inetserver.iis.security)
  • Re: No authentication prompt
    ... a firewall or proxy server? ... I have a website that has the security set to prompt for authentication ... credentials doesn't appear and they get an error page instead. ...
    (microsoft.public.inetserver.iis)