There's a number of misunderstanding here. Ryan's already covered some of
them. I'd like to sum them all up if you don't mind...
I came in this morning and a user could not log into their workstation.
Took a look at AD and found that their computer was not in the "computers"
These two don't necessarilly go hand-in-hand. The computer account doesn't
have to reside in the computers container. This is just a default location
for the computer accounts. Most directories will move the computer accounts
into OUs so that they can delegate an amount of control over them, or apply
specific settings through GPO.
I could ping the address and checked the connection but was still unable
to connect to the domain.
The fact that you can ping the computer has no bearing to whether or not an
account for it exists within the AD. Ping is an IP-based tool that sends
ICMP echo requests to IP addresses. Pinging proves a couple of things: that
name resolution is working (if you stipulated a name not an IP address);
that the routing infrastructure is in place; and that the machine you are
pinging is indeed on and the NIC is functioning.
I logged in as administrator locally and noticed that the users ID was not
in "users and passwords" under the control panel.
The users and passwords applet deals with local users and groups. Just
because the domain user account isn't listed in here doesn't mean there's
any problems. It just means that that user account has no additional
control over this workstation, e.g. added to a local group for extra rights.
I added the user as a power user and then they were able to log into the
At the moment, I can't see why this has any bearing on our problem. Are you
sure this is the case? Is it possible that we're talking local users here?
If not, this suggests a policy in place that forbids a domain-user loggin
on. What was the exact error message you received that prohibited you
loggin on?
Any suggestions as to why the users account/computer account disappeared?
Has anyone come across this issue before?
The computer account could have been moved to another OU. It could have
been deleted by another admin. If neither of these happened, then it's
probably still there somewhere. You can search for the computer account
using the find tool in ADU&C.
Off the top of my head, at this moment in time, I'd say that the only way a
computer account being moved to a different OU could stop someone loggin on,
is if the OU it had been moved into had a strict policy in place that
disabled certain users logging on.
Paul Williams
I came in this morning and a user could not log into their workstation.
a look at AD and found that their computer was not in the "computers"
container. Everything was fine as of last week. I could ping the address
and checked the connection but was still unable to connect to the domain. I
logged in as administrator locally and noticed that the users ID was not in
"users and passwords" under the control panel. I added the user as a power
user and then they were able to log into the domain. Any suggestions as to
why the users account/computer account disappeared? Has anyone come across
this issue before?