J4sstrom
asked on
XP system lost connection to network, cannot reattach.
I have a system that cannot connect to network any more. It is unable to obtain an IP address nor am I able to get it to connect to the domain. If I assign it an IP address, the internet connection is good, and I can connect through remote desktop to the domain controller (though I do have to use the external address). If, by chance, I assign it a duplicate address I get the IP conflict warning. When I try to attach through System Properties in Control Panel, I get to the last step where I am then told it cannot locate a domain controller.
I have tried changing system name, using a different network card, creating a computer in active directory (which when attempting to connect I do get notice that the computer name is already resident on the server).
Seems like everything is "correct", just the connection cannot be made. Anyone know of a workaround or maybe a way to reset the profile on the server to allow this connection?
I have tried changing system name, using a different network card, creating a computer in active directory (which when attempting to connect I do get notice that the computer name is already resident on the server).
Seems like everything is "correct", just the connection cannot be made. Anyone know of a workaround or maybe a way to reset the profile on the server to allow this connection?
Is it possible that DHCP has been disabled for the connection?
Are you sure your DHCP server is working properly? If so check your network driver and/or try this http://support.microsoft.com/kb/299357
clear our any prior DHCP leases from your server for this host/MAC
make sure that you're not running a firewall that may be blocking DHCP traffic
ensure that the computer account is deleted from your domain controller and that change has been replicated.
dis-join the computer from the domain (assuming it thinks that it currently is joined) then try re-naming the computer with a different name
clear our any prior DHCP leases from your server for this host/MAC
make sure that you're not running a firewall that may be blocking DHCP traffic
ensure that the computer account is deleted from your domain controller and that change has been replicated.
dis-join the computer from the domain (assuming it thinks that it currently is joined) then try re-naming the computer with a different name
As already been suggested, disjoining and rejoining the domain will generally clear up the issues you are indicating. It doesn't take long, just a couple restarts, and there's nothing lost in the effort.
just realized i never completed my thought process. first part of your problem is DHCP. you must have proper DNS entries for a domain join to work in the first place.
beyond that, changing the host name of the computer, join then disjoin, then rename to the correct computer name with all prior references gone from AD and attempt joining again.
beyond that, changing the host name of the computer, join then disjoin, then rename to the correct computer name with all prior references gone from AD and attempt joining again.
ASKER
I haven't gone into the sever to look at DHCP or DNS settings as yet, but I wanted to add that disjoining the netowrk to a workgroup has left me stuck as a member of that workgroup, changing the system name did not help.
I will look at the DHCP, AD, and DNS suggestions also listed above and reply shortly.
I will look at the DHCP, AD, and DNS suggestions also listed above and reply shortly.
ASKER
DNS - no pointers exist to this system
DHCP - deleted the lease to this system as it existed in its previous name
AD - Removed the system from Computers (it existed only in its previous name)
BTW, any thoughts as to why this system won't obtain an IP address on it's own? The service is running on the network as I was able to plug in an outside laptop and get an address. Is the problem potentially on the system?
DHCP - deleted the lease to this system as it existed in its previous name
AD - Removed the system from Computers (it existed only in its previous name)
BTW, any thoughts as to why this system won't obtain an IP address on it's own? The service is running on the network as I was able to plug in an outside laptop and get an address. Is the problem potentially on the system?
Make sure that you can ping the address of the dhcp/dc server, and if successful, rejoin the domain. Unless settings have been changed on the server, setting your network connection TCP/IP are set to 'Obtain Automatically' and you should be good to go.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
DHCP Client service seems to be a likely culprit. Though set to Automatic, will not start due to a few dependencies not loading...
AFD
NetBios over TCPIP
Tcp/Ip Protocol Driver
However, none of these services are listed in that panel. Whereabouts would I start them?
Also, just an FYI, it appears system is infected with Backdoor.Tidserv.I!inf as Symantec AV fires a quarantine whenever I start rooting around in the DHCP Client windows through services. Unfortunately I am unable to remove it as the AV client won't load (I assume the virus overed its butt) and I can't connect to the server to reinstall! :-/
AFD
NetBios over TCPIP
Tcp/Ip Protocol Driver
However, none of these services are listed in that panel. Whereabouts would I start them?
Also, just an FYI, it appears system is infected with Backdoor.Tidserv.I!inf as Symantec AV fires a quarantine whenever I start rooting around in the DHCP Client windows through services. Unfortunately I am unable to remove it as the AV client won't load (I assume the virus overed its butt) and I can't connect to the server to reinstall! :-/
If you have a clean restore point, it is probably simpler to go back to that restore point than to chase a virus that has done who-knows-what to the network settings.
indeed. go back if you can, assuming you know how far back to go. i know trial and error w/ restore points can be a long process. may be easier to re-image the computer if you're able to go that route.
but i'd almost guarentee the virus is what's got you stymied.
but i'd almost guarentee the virus is what's got you stymied.
ASKER
Before I try a restore point, I found an article which had me go into device manager, hidden devices, and ensure the three dependencies listed were started. All were except for NetBios over TCPIP. When I try to start I get an error that I do not have permission to do so.
I am logged in to the local domain as User, which alledgedly has administrative rights. Though you wouldn't know it. Way to bypass this?
I am logged in to the local domain as User, which alledgedly has administrative rights. Though you wouldn't know it. Way to bypass this?
could well be another byproduct of the virus.
at this point i question the wisdom of trying to get a known-infected device connected to your domain.
our policy is that as soon as a pc is found to be infected it gets removed asap. too many bugs that only need modest domain rights to compromise any system on the domain (recent experience with that one)
at this point i question the wisdom of trying to get a known-infected device connected to your domain.
our policy is that as soon as a pc is found to be infected it gets removed asap. too many bugs that only need modest domain rights to compromise any system on the domain (recent experience with that one)
Agree with Dangle79. Trying to get a system that is known to be infected, without knowing the exact method the virus uses to propagate, is asking for trouble.
ASKER
that's a reasonable point that I guess my "coming down with...something" head hadn't yet wrapped around. Stupid flu/allergies/whatever...
Thanks for your time all!
Thanks for your time all!
ASKER
While the suggestion proved to be a "likely" reason behind the issue at hand, as the system showed viral infection as the precursor to this, the decision was made to reformat the system rather than attempt this suggestion and possibly reintroduce a virus back in the system.