We help IT Professionals succeed at work.

Can't login into pc locally or to domain after removing and attempting to add back to domain

Ima Selco
Ima Selco asked
Medium Priority
Last Modified: 2008-05-31
The pc is actually a laptop that I connected to the network and successfully logged in locally and to the domain.
It is running windows xp and I have a w2k3 domain (recently upgraded).

It all started with not being able to run windows update. I followed the instructions to enable that but still wasn't able to run windows update.
Another admin suggested I remove the laptop from the domain and add it back in. Before doing that I made sure that the local admin account worked so I logged in locally using that account - worked.  So what I did was to remove it from the domain from the currently logged in session at that laptop then as an added measured at a second nearby workstation removed the laptop from Users & Computers as well.
I restarted logged back in locally then proceeded to add it back into the domain it asked for  authorized credentionals to add the laptop. I entered those hit ok then restarted as directed. After that when attempting to login I got 'building domain list' whether local or domain login. Found that I could hit CRTL+ALT+DEL to bypass that but then received the message that no domain available. I get this whether logging in locally or to the domain.
Anyone have any ideas? I don't want to have to wipe this thing because of what has been installed mostly the amount of time to do all that.
Watch Question

Most Valuable Expert 2011
Top Expert 2011
Tried Safe Mode, with the local Adminstrator credentials?
Most Valuable Expert 2011
Top Expert 2011
Forgot the Administrator's Password? - Windows Password Recovery ...

I Forgot My Administrator Password!

Forgot the Administrator password - Alternate Method - The LOGON.SCR trick

I will not go into details about the freeware tools, as it is considered a hack method. There are 2 methods in those links that are legitimate tricks, using your Windows CD and COA...
Hey - here are three things to check before going any further on this:
1) DNS settings on the pc (I'd dump/repair the IP settings for the NIC, too)
2) Check the security logs at the DC to see if the pc hit the network at all
3) Go to Control Panel > User Accounts and click on the "Advanced" tab, then click on the "Manage Passwords" button. In the dialog that opens, if you see any entries that could pertain to your domain environment then remove them and reboot.  Cached account passwords (from before the initial domain add/removal) in this utility can hose NTLM authentication.

If none of that pans out then I'd be curious to know the timing of the pc's add/removal from the domain and the upgrading of the DC (also whether the DC has SP2).  Last ditch effort would be to run ADSIedit and see if there's any residual in the schema from the first domain membership of the pc.

As for the initial problem with the Windows updates, I've seen good techs get really stumped after it's been inadvertently added to the IE Restriced Sites... not somthing you'd expect but I've seen it happen.

Good luck!
Feroz AhmedSenior Network Security  / Senior System Engineer

The Domain Name you have entered is incorrect or your account has been locked through Active Directory ,contact your System Administrator to unlock your Account,or else your password might have expired,if you know the ip address of your Domain Controller just try to ping and make sure you are entering the correct Domain Name.