Solved

Remote PC cannot contact Domain Controller.

Posted on 2008-10-30
9
725 Views
Last Modified: 2012-06-27
We have a remote facility that's connected by a dedicated T1.  The setup goes like this, from our main site we have a Cisco router, which then goes to the remote site to another Cisco router, and from there it goes through a Linksys router that is performing NAT and DHCP for the PC's there.  We had to do this b/c at the time we were unsure how to forward DHCP requests through the Cisco.  Basically the Linksys sees the Cisco as the internet as it's plugged into it's WAN port.  Up until now this has been working, and users could access their email, the internet, and files.  Now one particular user cannot access email or shared files.  When she tried to access a share via UNC path she would be prompted for authentication, but when she put her username and password in she would get the message "The login was unsuccessful.  The username typed is the same as the login.  A DC cannot be found to authenicate the login (Paraphrased)"  After many different attempts we tried removing it from the domain, which worked, but now when trying to add it back it can't find the DC.

The funny thing is, when it was still joined, she could access the internet and ping our DC by IP.  Also, when trying to access shared files and being prompted for authentication, if you put incorrect info for the username and password, then the correct info on the reprompt, it would let her access the shares.

I'm truly stumped on this one.
0
Comment
Question by:Go-GBS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
9 Comments
 
LVL 4

Expert Comment

by:bmonroe44
ID: 22845341
Is there DNS resolution between the sites? Forward DNS through your Router on both sides.
She must have had a cached profile and now it cannot connect to the DC to authenticate.
0
 
LVL 1

Expert Comment

by:lwu168
ID: 22845356
I would remove the Linksys router from the picture.  It act as a NAT Pool.
   
1. You can forward the DHCP request from the Cisco router by adding a ip helper statement on the interface that interconnect with the Linksys, "ip helper-address xxx.xxx.xxx.xxx(ip address of your dhcp server)".  Setup the DHCP scope on your DHCP server.

2. You can also use the Cisco Router that does DHCP.
ip dhcp pool xyzcompany
      network 192.168.1.0 255.255.255.0
      domain-name xyzcompany.com
      dns-server 192.168.2.2 192.168.3.3
      netbios-node-type h-node
0
 

Author Comment

by:Go-GBS
ID: 22846733
How do you forward DNS through a Cisco Router?  Also, I do have it setup to forward DHCP, but it might be a little while until I can make it to the site.  

One more thing to note, I had someone else try to logon to this PC and were unable to as well, but she was able to logon to a different PC w/o a problem.

The other thing with the profile, now that it's off the domain, is that we're using the local admin account, so I'm not sure it could be related to just that profile.
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 
LVL 1

Accepted Solution

by:
lwu168 earned 500 total points
ID: 22846992
You do not forward DNS through the router, the DNS information is specify from the DHCP server.  The DNS traffic is routed through the router.  I am not sure how many machines you have behind that linksys router, Let say you have 10 machines getting an IP from the linksys, from the Domain Controller prospect it's only talking to one computer.  You can probably add the machine to the domain if you shut down all other machine but as soon as there are more than one machine are on the linksys network there is going to be some communication issue with the domain controller.  My suggestion is to get rid of the linksys router.  
0
 

Author Comment

by:Go-GBS
ID: 22895859
Ok, the Linksys is out of the loop, it's only serving as a wireless access point now.  The remote office PC's are now receiving IP's from our DHCP server in the main office and everything is working....except the one PC that started this problem.  It will join the domain, and if I logon locally, I can access anything, yet the second I try to logon to the computer with a domain account, I get the message the domain is not available.  Any thoughts on what it could be?
0
 

Author Comment

by:Go-GBS
ID: 22896176
Thought I'd throw this in, I logged onto another PC which doesn't seem to be having problems, but it didn't seem to recognize I had domain admin rights, I couldn't even access the clock.
0
 

Author Comment

by:Go-GBS
ID: 22924365
Ok, finally found the issue, well at least after the Linksys router was taken out of the loop.  Seems there was another PC on the network with that name, I didn't realize this b/c our documentation hadn't been updated properly.  I do find it odd that it would have allowed me to join the domain using a duplicated name, but it did, just wouldn't allow me to logon.
0
 

Author Comment

by:Go-GBS
ID: 22924391
I'd like to award lwu168 some points as well, as taking the Linksys out was def part of the problem, but wasn't the whole solution as I got the rest myself.
0
 

Author Comment

by:Go-GBS
ID: 22924402
As I stated above, removing the Linksys was part of the solution, the other part was the duplicate computer name.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question