Solved

Users dropping off the Domain

Posted on 2011-03-06
13
769 Views
Last Modified: 2012-05-11
About once a week, I have 1-2 PC's that will just not join the domain. I will have users or PC's drop off the domain for no reason. Once you log in as a local admin and rejoin the PC back to the domain the PC and the user can log-on just fine. What gives? We have a 2003 & 2008 AD scheme running side-by-side. We are migrating from 2003 to 2008 just moved the print ques. More to follow, Could that be causing the issue?  
Please advise  DP -Saxman
0
Comment
Question by:dpsaxman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 

Author Comment

by:dpsaxman
ID: 35052414
Looking for an answer this week.  
0
 

Expert Comment

by:stealth2549
ID: 35052516
Most common cause is that another PC on the domain has the same name.  The PC account will be deleted from AD if 2 computers with the same name are logged in simultaneously.  Can you verify if the user accounts have experienced any issues also?
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 35052533
Need to be more specific....what do you mean by not joining the domain?  What are the errors?  What do you mean by dropping off the domain?

I would start by looking at event logs both on the workstation as well as the servers for any AD issues.
The 2003 and 2008 domain controllers should have identical copies of AD.  Make sure there are no replication issues.
0
Office 365 Training for Admins

Learn how to provision tenants, synchronize on-premise Active Directory, and implement Single Sign-On with these master level course.  Only from Platform Scholar

 

Author Comment

by:dpsaxman
ID: 35052956
So what is going on to be clear is, That the user will dock his laptop or turn on his desktop, And he will get "The user or computer is not trusted on this domain. Please contact your system administrator".

This happened to people from different depts including the CEO. And these are users and PC's, that had been on the network before with no issues. This is coming from different points and users and depts. So I am am thinking AD is playing a role on this. Just not sure where.
0
 
LVL 3

Expert Comment

by:kawamuracd
ID: 35053287
You may want to check the speed settings on the user's nic. Set the Speed & Duplex to something other than Auto Negotiation. We have a few machines that used to do that. We set it to use 100 Mbps Full Duplex, the nic could go up to 1.0 Gbps Full. I don't know if it will help you but it worked for the handful that we had.
0
 

Author Comment

by:dpsaxman
ID: 35053324
kawam..
That would be odd that one day it would work, and the next day not without a settings change. So I an not sure about making a change on the system like that, Because after you re-join the domain the system has no problems after that.
0
 
LVL 26

Expert Comment

by:MidnightOne
ID: 35177417
Are the clocks on the troubled systems synced with the DC holding the PDC Emulator role?
0
 

Author Comment

by:dpsaxman
ID: 35177449
I am not sure about the PDC Emulator role. I will have to check and get back with you on this.
0
 
LVL 14

Accepted Solution

by:
Burns2007 earned 500 total points
ID: 35178018
It sounds like you probably have a tombstoned domain controller that is no longer replicating with the other DCs. PCs reset their computer account password every 30 days or so, and if they reset the password with one domain controller that isn't replicating, then when they try to connect to another domain controller they will appear to "fall off the domain"

Use Active Directory Sites and Services to check the replication between all your domain controllers is working correctly.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 35180649
We have a 2003 & 2008 AD scheme running side-by-side.

That is impossible.  There can only be one scheme,...and it would have to be 2003 since it is impossible for 2003 Dcs to operate at a 2008 level.  Now if you mean that you have both a 2003 Domain and a separate 2008 Domain with a Trust between the two then you need to make that clear.
0
 

Author Comment

by:dpsaxman
ID: 35229039
Thank you very much.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question