Unable to connect to domain when network disconnected

  • Thread starter Thread starter Robbie
  • Start date Start date
R

Robbie

First off, I'm no Active Directory guro so bare with me.... on my question.
I'm desktop support and I'm working where they are pushing a huge
installation of Active Directory to the clients. The problem that we're
seeing is on laptops and after being AD migrated users then unplug from the
network (to work from home etc) and when they trying loggin back into the
domain they get an error that the domain is unavailable. We were orignally
told that the cache credentials were not being installed so we would leave
the pc on the network for a longer period of time, but this didn't make a
difference. We've removed the pc from the domain and added it back in, but
that didn't help any. Now they are telling us, that in order to fix them is
to re-image the PC's..

Does anyone have any ideas why users cann't login into the PC when not
conneced to the network.

They are failing randomly, no specific model. All f them are running
Windows 2000.

Hopefully someone has an answer or seen this before,

Please advice.

Thanks in advance

Robbie
 
Hello Robbie,

To use the cached credentials on the workstation without the domain, the
user have to login ONCE to the domain with his user account and password.
Did they do it?

Best regards

myweb
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
 
First off, I'm no Active Directory guro so bare with me.... on my question.
I'm desktop support and I'm working where they are pushing a huge
installation of Active Directory to the clients. The problem that we're
seeing is on laptops and after being AD migrated users then unplug from the
network (to work from home etc) and when they trying loggin back into the
domain they get an error that the domain is unavailable. We were orignally
told that the cache credentials were not being installed so we would leave
the pc on the network for a longer period of time, but this didn't make a
difference. We've removed the pc from the domain and added it back in, but
that didn't help any. Now they are telling us, that in order to fix them is
to re-image the PC's..

Does anyone have any ideas why users cann't login into the PC when not
conneced to the network.

They are failing randomly, no specific model. All f them are running
Windows 2000.

Hopefully someone has an answer or seen this before,

Please advice.

Thanks in advance

Robbie
Click to expand...
If your users get "The system cannot log you on now because the domain
%domainname% is not available" message make sure you've set
'Interactive logon: Number of previous logons to cache (in case domain
controller is not available)' policy in Computer Configuration\Windows
Settings\Security Settings\Local Policies\Security Options to the
needed number of cached unique accounts. Also check 'Interactive
logon: Require Domain Controller authentication to unlock' policy is
set to Disabled because if it set to Enabled you would be unable to
log on with cached credentials. You wouldn't able to connect but would
be able to log on. As was already mentioned above users should log on
to their computers at least once to get the double-salted 'cache'
working.
 
Yes, they did log into the domain with their user account and password.
Actually a few times....while trying to troubleshoot problem.

Robbie
 
If you have disabled cached credentials then you will not be able to
authenticate w/o a dc and if they don't have a local account the machines
won't allow access.

http://searchwinit.techtarget.com/tip/0,289483,sid1_gci968000,00.html?topic=299542

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top