Windows 7 Workstations 'losing domain'
I have about 25 workstations - all the same hardware .. all about 3 months old ... all Windows 7 SP1, 64 bit ... all part of a windows domain. Over the last couple of months I've had about 4 of them just simply lose their association with the domain.
Computer starts and the only login option is the local admin account. When I login and look at the users folders, I see two for each user ... where as prior there was one folder for each user. Now there is an additional folder for each user with the domain name tagged on as an extension.
xxx
xxx.domain
(as a side note, I noticed the newly .domain folder has today's date but a time of 12:27pm (into the future 1/2 day) but the system clock looks right... not sure if this has any meaning)
What I've been doing to this point is logging in as the local admin, removing folder xxx and renaming xxx.domain back to xxx. After rebooting I get option to login as the domain user again and this seems to get almost everything back to normal. Windows and Office need to be reactivated after this.
Anyone have any ideas what could be causing this?
Computer starts and the only login option is the local admin account. When I login and look at the users folders, I see two for each user ... where as prior there was one folder for each user. Now there is an additional folder for each user with the domain name tagged on as an extension.
xxx
xxx.domain
(as a side note, I noticed the newly .domain folder has today's date but a time of 12:27pm (into the future 1/2 day) but the system clock looks right... not sure if this has any meaning)
What I've been doing to this point is logging in as the local admin, removing folder xxx and renaming xxx.domain back to xxx. After rebooting I get option to login as the domain user again and this seems to get almost everything back to normal. Windows and Office need to be reactivated after this.
Anyone have any ideas what could be causing this?
Last Comment
strivoli
Fully scan you system with an updated AV.
ASKER
AV is kept updated - Symantec Endpoint Protection. I haven't run a scan on this machine today but on the 1st and 2nd machines to do this, I gave them the once over with about 4 different AV/Anitmalware products and no detection.
Do the Windows Application and/or System Logs (run eventvwr) report any usefull Warnings/Errors entries?
ASKER
I'm about to check events ...
Something else that has happened each time that's peculiar - not sure if its a clue.
when i setup each of these machines i had to re-letter all the drives (dvd, card reader, etc.) so they didn't interfere with mapping network drives. whenever this happens, these drives go back to their default letterings.
Something else that has happened each time that's peculiar - not sure if its a clue.
when i setup each of these machines i had to re-letter all the drives (dvd, card reader, etc.) so they didn't interfere with mapping network drives. whenever this happens, these drives go back to their default letterings.
Could you list the drives and letters associated? Such as:
Internal HDD -> C:
DVD -> D:
and so on...
Internal HDD -> C:
DVD -> D:
and so on...
ASKER
HDD -> C
HDD part 2 -> D
DVD -> E
Network-> F
Network-> H
Network-> M
(Card Reader) -> T
(Card Reader) -> U
(Card Reader) -> V
(Card Reader) -> W
HDD part 2 -> D
DVD -> E
Network-> F
Network-> H
Network-> M
(Card Reader) -> T
(Card Reader) -> U
(Card Reader) -> V
(Card Reader) -> W
I'd try the following.
remove them from the domain,
Completely get rid of the profile folders. cut and paste them into a storage location out of the C:\Users, (do this as an administrator while in a work group).
MAke sure you have taken ownership and applied read/write permissions to all user folders. if you don't just delete them. (better to just keep data files and loose all the other profile stuff)
Scan for AV and Spyware as Local Admin. in safe mode
reboot a couple times in a work group.
re-add them to the domain using the domain.local
set a system restore point and soon as it's back in the domain.
remove them from the domain,
Completely get rid of the profile folders. cut and paste them into a storage location out of the C:\Users, (do this as an administrator while in a work group).
MAke sure you have taken ownership and applied read/write permissions to all user folders. if you don't just delete them. (better to just keep data files and loose all the other profile stuff)
Scan for AV and Spyware as Local Admin. in safe mode
reboot a couple times in a work group.
re-add them to the domain using the domain.local
set a system restore point and soon as it's back in the domain.
Do whatever you do first to fix everything.
After that, take them out of the domain and then reset the computer accounts from AD.
If this doesn't work, delete the computer accounts from AD for these PCS and rejoin them.
After that, take them out of the domain and then reset the computer accounts from AD.
If this doesn't work, delete the computer accounts from AD for these PCS and rejoin them.
ASKER
I will try all suggestions, but so far this has happened to 4 different machines .. never the same one twice. What I'd really like to know is what is CAUSING this so I can prevent it from happening in the future to different machines.
If the time is off by more than 15 minutes then they won't be able to login.
ASKER
The domain time is set correctly
you previously stated that the time stamp of a file was in the future! Ergo the time was off when that computer tried to login.
ASKER
Ok, you said that If the time is off by more than 15 minutes then they won't be able to login.
But that doesn't usually just throw the machine off the domain does it?
But that doesn't usually just throw the machine off the domain does it?
The machine can't authenticate either.
ASKER
Yes, If there is no connection to the domain it cannot authenticate.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
it does seem like thats what happened - but i have system restore disabled across the domain via GP. I'm not even sure a restore point exists. Hmmmm...
well obviously, if there was a restore point, it was prior to domain join, so GP would be Not applicable.
ASKER
...and if I'm not mistaken - windows 7 startup repair can run restore...
Windows Networking
The Windows operating systems have distinct methodologies for designing and implementing networks, and have specific systems to accomplish various networking processes, such as Exchange for email, Sharepoint for shared files and programs, and IIS for delivery of web pages. Microsoft also produces server technologies for networked database use, security and virtualization.
51K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
