Valid user account can not authenticate on PC

We have Active Directory and one of our user at our Italy office can no longer login on his PC with his valid AD user account.  I can log in as him from my office in Michigan.  We have Windows 2003 server as our DCs.  We know his account is good.  What can I do to resolve this issue for him?  Thanks.
PSCheng51Asked:
Who is Participating?
 
jburgaardCommented:
If you are sure the pw is so simple that no misunderstanding is possible &
the DC's are in sync (DCDIAG)
- then my guess is corrupt machine account.
If so let him log in as local admin
Take PC from domain to workgroup
from workgroup add to domain.


0
 
PSCheng51Author Commented:
He was able to get in via OWA to read email.  His pw is correct.

Can he use his own account to add his PC back into the domain?  We can not let him have the Administrator password.
0
 
Toni UranjekConsultant/TrainerCommented:
Hi!

First you have to reset his computer account in Active directory users and computers, then he can rejoin domain. Every user can add up to 10 computers to domain without having domain admin permissions. But he has to be local administrator.

HTH

Toni
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
PSCheng51Author Commented:
I will contact him and go over the procedure with him.
0
 
jburgaardCommented:
Just to be sure: No one else can log into this PC?

Before going to the domain<->workgroup stunt, be sure the basic network IS running (eg ping dc by name)
0
 
PSCheng51Author Commented:
He can login locally on his local account.  He has access to his email via OWA.  So the network is running.

I may ask him to add the DC IP to his hosts file.  Do you think that may help?
0
 
Toni UranjekConsultant/TrainerCommented:
No need to mess arounf with hosts file if "nslookup dc.domain.com" returns correct IP. Substitute dc.domain.com with FQDN of your DC.
0
 
PSCheng51Author Commented:
What happens if it does not work?
0
 
Toni UranjekConsultant/TrainerCommented:
If what does not work? Nslookup? The change clients DNS settings first, point to DNS which holds your SRV resource records. You won't be able to rejoin domain if DNS is not working and this might be the reason that you can not login. Although I believe cached credentials should allow users to logon on in case of networking problems.
0
 
jburgaardCommented:
Rejoining domain?
The local accouts will continue to work
0
 
PSCheng51Author Commented:
Thanks for the info.  Our Italian coworked went on vacation for 2 weeks,  I will get with hin after his return.  Thanks again.
0
 
PSCheng51Author Commented:
When he got back from vacation, his notebook worked as before the problem.  Go figure.  Thanks for your help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.