Domain User is not User on Local Machine

  • Thread starter Thread starter Gregor Cunningham \(Boys & Girls Clubs\)
  • Start date Start date
G

Gregor Cunningham \(Boys & Girls Clubs\)

I have a new 2003 domain logons seem to work, although
painfully slow. All network permissions and resources are
available as should be, however the user is not in the
list of local users, nor can I access the domain user list
about 3/4 of the time. Even when I do bring up the list I
get a domain conection error when trying to add a domain
user. I first found this problem when the local domain
user did not have permissions to run programs, printers
would become unavailable speratically, etc. I do get a
head with a question mark and a coded string in place of
the Domain User on the local User setup. This is all
happening on the XP Pro local machines. The 2000
workstations and 98 seem to work just fine. I am a little
hesitent to wipe and reload XP on the rest of my network
until I can set the Domain Users as Local Admins. Any
Ideas?

TIA Gregor
 
How is your DNS set up? Do you have your XP machines pointing only to the
DNS servers used by your Active Directory?

Oli
 
I am not really sure. I know I set up DNS as part of the
Active Directory. Beyond that, I have not made any
alterations. I have a single server that serves as domain
and file server. My DHCP is my router (disabled DHCP in
services) and my server recieves IP and DNS server
addreses dynamically as do the 20 computers or so on my
network. Is this the culprit. should I set my server as
the DHCP. If so how do I get the network computers to use
my internal DNS and still get external DNS info? I am
confused.

Any help with best practice would be appriciated.
 
That sounds like the problem.

Active Directory requires DNS to run. The normal setup for a small company
such as yours is as follows:

In the DNS settings for the computer (those accessed through the TCP/IP
properties of your network connection), the server should point to itself
ONLY.

You then configure a forwarder in the DNS MMC snap-ip that points to your
ISP's DNS server.

In the router's DHCP config, the only DNS number that should be dished out
is the IP address of your server that's running DNS. That way, your
workstations use your server to do DNS lookups and if the server can't
answer the lookup, it asks your ISP's DNS server on behalf of the client
computer.

Hope this helps.

Oli
 
Incidentally, you would not normally want to configure your users to be
local users of their computer (although their domain account may be placed
in a group such as Power Users or Administrators, if required).

Regards

Oli
 
Back
Top