Intermittent ability to log into Active Directory domain from XP client

flyin2 used Ask the Experts™
I am having intermittent login issues with multiple Windows XP clients on a Server 2008 Small Business domain. When I log in, it acts as if the username and password are bad. Most of the time when I reboot the client and log in, it will let me back in. It gives me an error saying that the username and password are invalid. These are Windows XP SP2 clients and Server 2008 Small Business Edition.

The error message is:
The system could not log you on. Make sure the User name and domain are correct then type your password again. Letters in passwords must be typed using the correct case.

We are sure that the password is typed correctly.
Cris Hanna, Sr IT Support Engineer

Have you run the SBS 2008 BPA? If not, that is the first place to start; fix everything it finds.

Make sure that your clients are only set to use the SBS server for DNS and not your ISP DNS.  The DNS server on SBS should be configured for Root Hints and not use Forwarders.  DHCP should also be configured on the SBS and not on your firewall.  Make sure the DHCP scope options are set to only give out the SBS server for DNS.

Log in to the Windows XP SP2 client and check the following things:
(1) The TCP/IP helper service is started.
(2) The DNS service is started.
(3) The Netlogon service is started.
(4) Check the preferred DNS and alternate DNS.
(5) If your domain name is then run the command "ping -a" and the reply will come from the domain controller.
(6) Run the command "nslookup".
If you are still facing the issue, enable NETLOGON logging (use KB 109626), and once the issue reoccurs, check this log.

Thank you all. I found the issue. It was a "rogue" domain controller. It was sitting in a closet and I was not told about it. It was not replicating AD, so old users could authenticate off of either computer but the new users could only authenticate off of the newer server. So it was luck of the draw which server the client hit as to whether they could authenticate. After verifying all FSMOs were on the main server, I disconnected the "rogue" one and everything was fine. Thanks for your input.

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
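
The failure described in the resolution above (clients landing at random on a stale domain controller) shows up in DNS: every domain controller registers an `_ldap._tcp.dc._msdcs.<domain>` SRV record, so comparing the advertised hosts against the servers you expect exposes a forgotten one. The following is an added example, not part of the original thread; the sample `nslookup` output, host names, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample of the output of:
#   nslookup -type=SRV _ldap._tcp.dc._msdcs.corp.example
# All host names and addresses below are made up.
SAMPLE_NSLOOKUP = """\
Server:  sbs2008.corp.example
Address:  192.0.2.2

_ldap._tcp.dc._msdcs.corp.example\tSRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = SBS2008.corp.example
_ldap._tcp.dc._msdcs.corp.example\tSRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = oldsrv.corp.example
sbs2008.corp.example\tinternet address = 192.0.2.2
oldsrv.corp.example\tinternet address = 192.0.2.9
"""

# One "svr hostname = <fqdn>" line appears per SRV record in the answer.
SRV_HOST = re.compile(r"^\s*svr hostname\s*=\s*(\S+)\s*$", re.I | re.M)


def _norm(host):
    """DNS names are case-insensitive and may carry a trailing dot."""
    return host.lower().rstrip(".")


def advertised_dcs(nslookup_output):
    """Hosts that DNS currently advertises as domain controllers."""
    return {_norm(h) for h in SRV_HOST.findall(nslookup_output)}


def unexpected_dcs(nslookup_output, expected):
    """Advertised DCs that are not in the expected inventory (sorted)."""
    return sorted(advertised_dcs(nslookup_output) - {_norm(h) for h in expected})


def missing_dcs(nslookup_output, expected):
    """Expected DCs that DNS does not advertise (sorted)."""
    return sorted({_norm(h) for h in expected} - advertised_dcs(nslookup_output))


if __name__ == "__main__":
    inventory = ["sbs2008.corp.example"]  # the only DC you believe exists
    print("unexpected:", unexpected_dcs(SAMPLE_NSLOOKUP, inventory))
    print("missing:   ", missing_dcs(SAMPLE_NSLOOKUP, inventory))
```

On a client that has just failed or succeeded at logon, `echo %LOGONSERVER%` shows which of the advertised servers it actually used.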
