PSCheng51
asked on
Valid user account can not authenticate on PC
We have Active Directory and one of our user at our Italy office can no longer login on his PC with his valid AD user account. I can log in as him from my office in Michigan. We have Windows 2003 server as our DCs. We know his account is good. What can I do to resolve this issue for him? Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I will contact him and go over the procedure with him.
Just to be sure: No one else can log into this PC?
Before going to the domain<->workgroup stunt, be sure the basic network IS running (eg ping dc by name)
Before going to the domain<->workgroup stunt, be sure the basic network IS running (eg ping dc by name)
ASKER
He can login locally on his local account. He has access to his email via OWA. So the network is running.
I may ask him to add the DC IP to his hosts file. Do you think that may help?
I may ask him to add the DC IP to his hosts file. Do you think that may help?
No need to mess arounf with hosts file if "nslookup dc.domain.com" returns correct IP. Substitute dc.domain.com with FQDN of your DC.
ASKER
What happens if it does not work?
If what does not work? Nslookup? The change clients DNS settings first, point to DNS which holds your SRV resource records. You won't be able to rejoin domain if DNS is not working and this might be the reason that you can not login. Although I believe cached credentials should allow users to logon on in case of networking problems.
Rejoining domain?
The local accouts will continue to work
The local accouts will continue to work
ASKER
Thanks for the info. Our Italian coworked went on vacation for 2 weeks, I will get with hin after his return. Thanks again.
ASKER
When he got back from vacation, his notebook worked as before the problem. Go figure. Thanks for your help.
ASKER
Can he use his own account to add his PC back into the domain? We can not let him have the Administrator password.