Avatar of Tom F
Tom FFlag for United States of America asked on

Windows 7 Workstations 'losing domain'

I have about 25 workstations - all the same hardware .. all about 3 months old ... all Windows 7 SP1, 64 bit ... all part of a windows domain.  Over the last couple of months I've had about 4 of them just simply lose their association with the domain.  

Computer starts and the only login option is the local admin account.  When I login and look at the users folders, I see two for each user ... where as prior there was one folder for each user.  Now there is an additional folder for each user with the domain name tagged on as an extension.

xxx
xxx.domain

(as a side note, I noticed the newly .domain folder has today's date but a time of 12:27pm (into the future 1/2 day) but the system clock looks right... not sure if this has any meaning)

What I've been doing to this point is logging in as the local admin, removing folder xxx and renaming xxx.domain back to xxx.  After rebooting I get option to login as the domain user again and this seems to get almost everything back to normal.   Windows and Office need to be reactivated after this.

Anyone have any ideas what could be causing this?
Windows 7Windows Networking

Avatar of undefined
Last Comment
Tom F

8/22/2022 - Mon
strivoli

Fully scan you system with an updated AV.
ASKER
Tom F

AV is kept updated - Symantec Endpoint Protection.  I haven't run a scan on this machine today but on the 1st and 2nd machines to do this, I gave them the once over with about 4 different AV/Anitmalware products and no detection.
strivoli

Do the Windows Application and/or System Logs (run eventvwr) report any usefull Warnings/Errors entries?
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
ASKER
Tom F

I'm about to check events ...

Something else that has happened each time that's peculiar - not sure if its a clue.

when i setup each of these machines i had to re-letter all the drives (dvd, card reader, etc.) so they didn't interfere with mapping network drives.   whenever this happens, these drives go back to their default letterings.
strivoli

Could you list the drives and letters associated? Such as:
Internal HDD -> C:
DVD -> D:
and so on...
ASKER
Tom F

HDD -> C
HDD part 2 -> D
DVD -> E
Network-> F
Network-> H
Network-> M
(Card Reader) -> T
(Card Reader) -> U
(Card Reader) -> V
(Card Reader) -> W
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
R. Andrew Koffron

I'd try the following.
remove them from the domain,
Completely get rid of the profile folders. cut and paste them into a storage location out of the C:\Users, (do this as an administrator while in a work group).
MAke sure you have taken ownership and applied read/write permissions to all user folders. if you don't just delete them. (better to just keep data files and loose all the other profile stuff)
Scan for AV and Spyware as Local Admin. in safe mode
reboot a couple times in a work group.
re-add them to the domain using the domain.local
set a system restore point and soon as it's back in the domain.
Sam

Do whatever you do first to fix everything.

After that, take them out of the domain and then reset the computer accounts from AD.

If this doesn't work, delete the computer accounts from AD for these PCS and rejoin them.
ASKER
Tom F

I will try all suggestions, but so far this has happened to 4 different machines .. never the same one twice.  What I'd really like to know is what is CAUSING this so I can prevent it from happening in the future to different machines.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
David Johnson, CD

If the time is off by more than 15 minutes then they won't be able to login.
ASKER
Tom F

The domain time is set correctly
David Johnson, CD

you previously stated that the time stamp of a file was in the future!  Ergo the time was off when that computer tried to login.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
Tom F

Ok, you said that If the time is off by more than 15 minutes then they won't be able to login.

But that doesn't usually just throw the machine off the domain does it?
David Johnson, CD

The machine can't authenticate either.
ASKER
Tom F

Yes, If there is no connection to the domain it cannot authenticate.
Your help has saved me hundreds of hours of internet surfing.
fblack61
ASKER CERTIFIED SOLUTION
R. Andrew Koffron

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
Tom F

it does seem like thats what happened - but i have system restore disabled across the domain via GP.  I'm not even sure a restore point exists.  Hmmmm...
R. Andrew Koffron

well obviously, if there was a restore point, it was prior to domain join, so GP would be Not applicable.
ASKER
Tom F

...and if I'm not mistaken - windows 7 startup repair can run restore...
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.