tcai1976

asked on

Need help sorting things out, dealing with cached credentials, Outlook 2010, and network settings.

My place of work has two separate buildings and both are set up with domain controllers. One via wireless networking and the other wired. Both domains are named the same.

My boss had been using a pc with Mark's user profile on the wired network. She then brought it over to the other building (that uses wireless networking) and was able to access and send email via Outlook 2010 using Mark's profile (probably via cached credentials). It was NOT set to login to the wireless networking domain controller yet.

Life was happy until I decided to add this computer to the wireless domain. Since I am somewhat new to setting up networking settings, I couldn't add the PC to the wireless initially and tried a few different things. (I had all sorts of messages about Trust Relationships, DNS Server not found, etc.) One thing I tried was changing the computer name, MARK02-PC to MARK02PC. I also tried to Reset the Computer in AD User/Computer, also Deleted the Computer from list of Domain Computers and added it back while inside AD User/Computer. Also tried leaving and re-entering the domain.

Eventually, after trial and error I changed the computer name back to the original MARK02-PC and was able to get it logged into the wireless domain. (I pointed the wireless adapter to the IP address of the DNS server).

The bad thing now is my boss can no longer log in to the Mark user profile (cached credentials erased?). I am hoping to take it back over to the building with the wired network, log in as Mark and regain the credentials. Will this work? I hope so, the Mark user account has very important emails.

I hope my changing of the computer name had no effect on the SID?
David Akinsanya

Renaming the computer will not change the SID but deleting it will.

I'm not sure what you meant by...
...also Deleted the Computer from list of Domain Computers and added it back while inside AD User/Computer.

However, this has nothing to do with Mark's emails you are concerned about.

The email should be archived in the .pst file on the computer unless you are using a roaming profile or folder redirection which means everything would be on the home directory of the user.

Inability to log on to the domain is most likely because there is no trust relationship between the wireless network and the domain that houses the user account.

The idea of connecting the computer back to the wired LAN is a good decision. The logon info will be cached after the first logon. My guess is you are not using a RADIUS server to integrate the wireless network with your domain.
tcai1976

ASKER

Hi. Thanks for your assistance.

To clarify what I meant by "also Deleted the Computer from list of Domain Computers and added it back while inside AD User/Computer": on the domain controller that is running Windows Server 2008, I deleted the computer MARK02-PC while within the Active Directory Users and Computers window (i.e., I selected to "Delete" the computer from the sub-folder that listed all computers on the domain).

I went back to her client machine and renamed it MARK02PC.

Then I went to the domain controller again and manually added her machine to the list of computers inside of Active Directory Users and Computers. This time I added the computer again as MARK02PC.

Bear in mind I did this to try and 'fix' the trust relationship issue between her computer and the wireless network. Removing the client computer, renaming it, and adding it back manually to the domain controller's list of computers didn't work.

I then removed MARK02PC from the domain controller AD U&C computer list, renamed the client machine back to MARK02-PC as previous and then added it back to the domain controller computer list. This time I pointed the wireless adapter to use a preferred DNS Server (it had been previously set to Obtain DNS Server Automatically) and was able to join her client machine to the wireless domain.

Somewhere along the way I accidentally wiped out the cached credentials of the Mark user profile on her client machine. Before I came along to 'fix' the machine they were able to log into the client machine using Mark's cached credentials and had it using the wireless internet router for internet access, do email in Outlook 2010, and use a network printer. I don't understand how they accomplished that without being part of the wireless domain.

Our networks are set up so a user can log onto the network from any machine on the network, but the user profile settings for each computer are stored on the local client machine. For instance, on my computer using my username I log onto the domain and have a black desktop background; if I were to log onto the domain in the conference room it has a blue background. Is this a roaming profile setup?

I looked for the archived .pst Outlook file but did not find it for Mark. I will enable 'Show Hidden Files and Folders' and look again. If it makes any difference, this is on a Windows 7 Pro client machine with a domain controller running Windows Server 2008.
After some research it appears leaving the domain by joining a workgroup will clear cached credentials. I did not know this. I did leave the current domain and joined a workgroup as a step in attempting to 'fix' the security issues between client and domain controller.

Seems the next step is indeed joining the wired network domain and then login as Mark so the credentials are cached again.
ASKER CERTIFIED SOLUTION
David Akinsanya
This solution is only available to members.
That is good to hear.

Once I've tried this tomorrow I will post the results. It'll be another restless night for me in the meantime.
Problem has been resolved.

Performing a wired connection login to the domain restored credentials and my boss was able to access the flood of emails.

Thanks Akinsd.
You're welcome
You would still have resolved it on your own though. Great job and thanks
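
An added example, not part of the original thread: read-only PowerShell checks for the three conditions discussed above (which DNS servers the client uses, whether its trust relationship with the domain is intact, and the cached-logon setting), to run from an elevated prompt before a client is removed from or rejoined to a domain. The domain name `example.local` and the function names are placeholders chosen for illustration; the script sticks to cmdlets available in PowerShell 2.0 on Windows 7.

```powershell
# Added example: read-only pre-flight checks on a domain client.
$Domain = 'example.local'   # placeholder; use your AD DNS domain name

function Get-CachedLogonsCount {
    # Winlogon setting for how many previous domain logons are kept for
    # offline use. Stored as a string; Windows defaults to 10 when unset.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $item = Get-ItemProperty -Path $key -Name CachedLogonsCount -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 10 }
    return [int]$item.CachedLogonsCount
}

function Test-DomainHealth {
    param([string]$DomainName)

    $cs = Get-WmiObject -Class Win32_ComputerSystem
    # DNS servers per active adapter; a client pointed at a router or ISP
    # resolver cannot find the SRV records used to locate a domain controller.
    $dns = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
        ForEach-Object { $_.DNSServerSearchOrder }

    $report = New-Object PSObject -Property @{
        ComputerName  = $cs.Name
        PartOfDomain  = $cs.PartOfDomain
        JoinedDomain  = $cs.Domain
        DnsServers    = ($dns -join ', ')
        CachedLogons  = Get-CachedLogonsCount
        DcLocated     = $false
        SecureChannel = $false
    }

    # Ask the DC locator for a domain controller; non-zero exit means none found.
    nltest /dsgetdc:$DomainName | Out-Null
    $report.DcLocated = ($LASTEXITCODE -eq 0)

    # Verify the machine account's secure channel (the "trust relationship").
    if ($report.PartOfDomain -and $report.DcLocated) {
        try   { $report.SecureChannel = [bool](Test-ComputerSecureChannel) }
        catch { $report.SecureChannel = $false }
    }
    return $report
}

Test-DomainHealth -DomainName $Domain | Format-List
```

If `DcLocated` is false, fix the DNS setting first; if only `SecureChannel` is false, the machine account is the problem and user profiles and mail data on disk are unaffected by that check.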