domain faqs
TRANSCRIPT
Domain FAQs
Authenticate cached credentialsCannot logon after removing the domainCan't logon using domain cached credentialsCan't remove a computer from a domainCan't find the WINS server.Can't Add Windows 2000 Computer to Domain: The Network Path Was NotFoundCan't join or logon domainCan't join or logon domain - case studyCan't join or logon NT DomainCan't join XP clients to a NT domainCannot join the domain because of Norton SecurityCopying User AccountsDomain or Workgroup Name is gray outHow configure TCP/IP to access to different networksHow to access different domain without changing the network settingsHow to change the network information for a Domain ControllerHow to check who is logging on a particular computerHow to map a network drive without logon the domainHow to synchronize the time on all the computers in a networkHow to switch network settings without rebootHow to verify if you are logged on to the domain and which server you arelogging onHow can I synchronize all computers' time in the network?How do I un-synchronize time on my domain networkMapping problem - persistent connectionNo domain available to logonPlease wait while domain list is createdProblem with License ManagerProblem joining computer to domainRPC to local server returned 0x0Slow Network Performance Occurs while copying file to W2K Domain ControlThe Specified Domain Either Does Not Exist or Could Not Be Contacted"The network path was not found" errorThere are currently no logon servers available to logon your requestUnable to logon domain or experience an extremely slow logon - Event ID:1054Why W2K/XP clients logon so slowerWindows 2000 can't join 2008 DC because of security settingsXP can't connect the same domain in newer server
Authenticate cached credentials
Symptoms: The primary purpose of logging onwith cached credentials is to enable you toaccess the local workstation. However, if youhave logged on by cached credentials, you maybe unable to access network resources becauseyou have not been authenticated.
For example 1) after you log on to a w2k/xp laptop by using cached credentials, you maybe unable to access the network resources. This issue is commonly experienced by laptopusers whose computer resides in a Windows Server domain and who log on to thecomputer by using cached credentials prior to being able to establish a remote accessconnection. 2) You log on to a w2k/xp laptop with a domain logon option in a workgroupnetwork. After you establish the connection and you try to map the network drives, theoperation may be unsuccessful, and you may receive the following error message:"System Error: (1311) There are currently no logon servers available to service the logonrequest."
Resolutions: To authenticate the cached credentials, 1) if it is w2k/xp, use net command,for example, net use \\servername\sharename /user:username. 2) if xp, open WindowsExplorer>Tools>Map Network Drive. Click Connect using a different user name, enter theusername and password.
Can't logon after removing the domain
I have a windows 2000 professional laptop workstation. I used to belong to a domain onmy network, but I recentlychanged by network settings to belong to a workgroup. Once I restarted my machine, itwon't let me log into windows 2000 at all! The error says wrong user name or domain.
1
For some reason, I think it's trying to access the domain - even though I don't belong to itanymore. Even when I'm not connected to the network, I cannot log into windows 2000 atall. How can I get into windows 2000? How can I change this?!
A: After changing the domain to a workgroup, only the member of local administrators canlogon the computer. the resolutions: 1. logon the local administrator to local computer andadd the users. 2. If you don't have the administrator password, you may need yournetwork administrator to help you.
Can't logon using domain cached credentials
Symptoms: When attempting to logon w2k/XP with domain logon option at workgroupnetwork, you may receive "No Windows domain controller is available..." message and notbe able to log on the workgroup network by using cached credentials.
Resolutions: To resolve this problem, obtain the latest service pack for W2K/XP.
Can't add/remove a computer to/from a domain
Symptom: 1. When trying to move the computer off of the domain and into a workgroupthe following error message is displayed, "The computer could not be removed from thedomain <domain name>. The revision level is unknown." 2. You may receive the sameerror when remove a client from the domain.
Causes: 1. You are logging on local user instead of a domain a administrator. 2. Theregistry keeps some old or other domain information need to be cleaned.
Can't find the WINS server.
SYMPTOMS: After you install the Windows Internet Name Service (WINS) component, youmay not be able to gain access to the WINS database on the local WINS server. When youtry to gain access to the WINS database, you may receive the following error message:"Cannot find the WINS server", "The WINS server you specified cannot be located", "TheWINS server might be down, there might be network problems, or the WINS service mightnot be installed", and "The network path was not found".
RESOLUTION: When WINS Manager starts, it tries to contact the File Server service on theWINS server. Specifically, WINS Manager checks for NetBIOS suffix 20 on the WINS server.If File and Printer Sharing is disabled, it disables the File Server service and NetBIOS suffix.You must have File and Printer Sharing enabled to use WINS.
Can't Add Windows 2000 Computer to Domain: The Network Path Was Not Found
SYMPTOMS: When trying to join a Win2K/XP computer to a domain, you receive thefollowing error message: The following error occurred when attempting to join "domainname". The network path was not found.
RESOLUTION: 1) make sure you are using an correct IP for the DNS. 2) make sure youhave correct DNS and WINS server on your network. 3) try to enable NetBIOS over TCP/IPon Win2K/XP if this is NT domain controller.
Can't join or logon domain
Symptoms: When attempting to join a domain, you may receive one of the following errormessages 1) "The following error occurred attempting to join domain "example.com": Thenetwork location cannot be reached."2) "Network path not found."3) "The remote computer is not available."4) "The domain name "Domain" is either invalid or doesn't exist."5) "The specified domain either does not exist or could not be contacted."
Resolutions: 1) Make sure the File and Print Sharing for Microsoft Networks optionis enabled on the Windows 2000 domain controller.2) If you receive "Network path not found.", it is possible you are using an incorrect IP forthe Domain Name Service (DNS) server. Make sure you have correct DNS and WINSsettings. You also can use nslookup or ping to check if the client points to the correct DNS.3) If you get "The specified domain either does not exist or could not be contacted", checkif there is network protocol installed on the computer.4) If you try to join the domain by using the NetBIOS domain name, you are successful butnot the fully qualified domain name (FQDN) of the domain, and receive "The following erroroccurred attempting to join domain "example.com": The network location cannot bereached." To fix this problem, enable the TCP/IP NetBIOS Helper Service is not running onthe client computer.5) If WINS is not enabled on the computer and the computer is located in different TCP/IPsubnet than the NT 4.0 PDC, you can configure the computer to use the LMHOSTS file forNetBIOS name resolution.6) If you have two NICs in the client, make sure that you can ping DNS server.
Can't join or logon domain - case study
Symptoms: 1. when upgrading driers or SP, the computer crashes and stops rebooting.After fixing or using last good to restore it, you may be able to logon using cachecredentials, can't access the network.2. You can't logon the network randomly (sometimes works while another time doesn'twok).3. You may logon by using cache credentials, but you can't browse any networkingcomputers.4. Net view command doesn't show any list.
2
5. Logon doesn't run logon batch file.6. Browstat status command shows no Master Browser.
Resolutions: to fix this problem, you may need to combine the following resolutions, forexample, applying SP and then re-join the domain.1. Make sure Computer, Server, TCP/IP Helper and Workstation services are running.2. Make sure you point to the DNS on TCP/IP settings.3. Check DNS and WINS servers and make sure correct settings and records.4. Check the hardware settings such as duplex and NIC driver.5. Use static IP to test it.6. Remove it from the domain and re-join it.7. Apply or reapply SP.
Can't join or logon NT Domain
Symptoms: 1) When attempting to join or logon a domain, you may receive "The specifieddomain either does not exist or could not be contacted" message. 2) When attempting touse the net view command from the client, you receive the following error message:"System error 53 has occurred. The network path was not found." Also, if you attempt toping by name from the computer does not work. Pinging by IP address does work. 3) Oryou may receive "The Specified Domain Either Does Not Exist or Could Not Be Contacted "
Resolutions: 1) If you have WINS server, check the WINS settings on the domain andclients.2) If you don't have WINS, enable NetBIOS over TCP/IP.3) Some third-party DNS servers have been known to cause this problem. 4) If network configuration requirements make it impractical to enable NetBIOS overTCP/IP, one possible workaround is to install a new protocol, such as NetBEUI, on both theclient and the server.5) If WINS is not enabled on the computer and the computer is located in different TCP/IPsubnet than the NT 4.0 PDC, you can configure the computer to use the LMHOSTS file forNetBIOS name resolution.
Can't join XP clients to a NT domain
Symptoms: 1. When attempting to join a Windows XP Pro computer to a NT domain, youmay receive the following error message: The following error occurred validating the name"domain name". The specified domain either does not exist or could not be contacted.2. When attempting to use the net view command from the Windows XP Pro computer,you may receive the following error message: System error 53 has occurred. The networkpath was not found.3. You can ping the server by IP address but when you ping it by name from the WindowsXP Pro computer, it does not work.
Resolutions: 1. Setup WINS server or check the WINS settings.2. If you don't have WINS, enable NetBIOS over TCP/IP (NetBT) on the workstation.
Copying User Accounts
When you create user accounts that contain many configured attributes, and thoseattributes are similar from one user account to the next, you may want to use CopyingUser Accounts feature. To do this, you can create a template user account that containsmandatory attributes and the optional attributes that are similar from one user account tothe next or simply right-click on a user account you want to copy, and select copy tocreate a new user.
Domain or Workgroup Name is gray out
Symptoms: when you attempt to change the domain or workgroup name, you may find itis gray out and can't make the change.
Cause: you can't make change under Computer Name if this is DC. You should usedcpromo to do so.
How configure TCP/IP to access to different networks
1. if all networks use dhcp, logon locally.
2. if one company uses static ip and another use DHCP, use alternative configuration.3. Doesn't matter which case, you can always use netsh.exe switch the settings withoutrebooting.
How to access different domain without changing the network settings
To use a laptop to access to different domain without changing the domain settings, logonlocal machine (instead of domain) using your domain logon ID that also are created on
3
your local computer. If it is possible, you may create the same logon id and passwordon all domain so that you always are able to access the domain you are connecting to.Also you may want to create one batch file like logon.bat with domain logon ID andpassword to map network drives.
How to change the network information for a Domain Controller
When you try to change the network information to a domain comptroller, you find theNetwork ID and Properties buttons will not be available. The way to change the networkinformation on a domain controller would be to demote the controller to a member server,change the necessary information, and then promote the server back to a domaincontroller.
How to check who is logging on a particular computer
If you would like to check who is logging on a particular PC in the (same subnet) network,you can use command nbtstat -a computername. That will show NetBIOS Remote MachineName Table such as username, <03>, type and status.
How to map a network drive without logon the domain
If you have a laptop used at home and sometimes used in the office, you would like tomap a network drive without logon the domain, you can create a batch file like that “netuse h: \\ervername\sharename password /user:domainname\username".
How to synchronize the time on all the computers in a network
To synchronize the time on all the computers in a network, create a logon script and usenet time command, for example, net time \\computername /set /yes.
How to switch network settings without reboot
As a network consultant, I work on different network every day and need to switchnetwork settings such as IP and DNS accordingly. Fortunately, W2K/XP comes with auseful tool, netsh.exe, that can switch network settings quickly. To copy abc.com networksettings, type command netsh -c interface dump >c:\abc.txt. The abc.com networksettings will be saved at the root of the C drive. You can create as many network settingsas I like. When you work at abc.com next time, you will load the settings by typing netsh-f abc.txt command and the abc.com network settings will take effect immediately.
How to verify if you are logged on to the domain and which server you arelogging on
To verify if you are logging on to the domain and which server you are logging on, at acommand prompt, type set, and then press ENTER. Look for the LOGONSERVER entry. If itis set to the name of your computer, you were logged on using cached domain credentials.If you are logging on the domain, the LOGONSERVER entry is set to one of the domaincontrollers.
How can I synchronize all computers' time in the network?
A: You as an Administrators can configure an internal time server as authoritative by usingthe net time command.
You can also configure the Time Service on the AD to recognize an external SimpleNetwork Time Protocol (SNTP) time server as authoritative. Use the following net timecommand: net time /setsntp:server_list. Note: 1) The United States Naval Observatoryruns several SNTP time servers that are satisfactory for this function, for example,ntp2.usno.navy.mil (at 192.5.41.209) and tock.usno.navy.mil (at 192.5.41.41). 2) thatSNTP uses User Datagram Protocol (UDP) port 123. If this port is not open to the Internet,you cannot synchronize your server to Internet SNTP servers.
After you set the SNTP time server as authoritative, run the following command oncomputers other than the domain controller to reset the local computer's time against theauthoritative time server: net time \\servername /set /yes.
How do I un-synchronize time on my domain network?
Q: I have an isolated Windows 2000/NT domain for I/O testing. I want to change TIME onone of my W2K server; however after approx. 30min. the TIME of this server was resetback to my domain time.
A: You can disable the 'Windows Time' service on the computer you don't want to update.
Mapping problem - persistent connection
After you changed net use I: \\serverA\shared to \\serverB\shared in your logon script,some windows 2000 machines are still mapping to \\serverA\shared. The reason is thatnet use /persistent:yes is default settings for NT and win2000/XP. You can disconnect theold mapping and re-logon. That will map to \\cbgntB\shared. Also you may want to useNET USE I: \\servername\folder /persistent:no so that next time when we change themapping, it will automatically map to the new settings.
Problem with License ManagerI have followed the instructions in Q153140 and Q194065 on how to reset License Managerinformation. Two days later, I am getting warnings in my Event Logs that my WindowsServer is out of licenses. Its finding ghost users that have been deleted from my system
4
for 3-4 years How do I really delete their licenses and make them stop coming back?
A: Many people have reported the same problem. You may want to disable the LicenseManager and manage the licenses manually.
Slow Network Performance Occurs while copying file to W2K Domain Control
A: Symptom: when copying files from a client computer to W2K domain controller, networkperformance is slower. You may notice this problem occurs only if you copy many smallfiles but not copy a few large files.
Resolution: 1) apply SP3 on the W2K domain controller; 2) edit the TcpDelAckTicksregistry value to adjust the TCP delayed ACK timer (refer to MS Q321098).
The Specified Domain Either Does Not Exist or Could Not Be Contacted
SYMPTOMS: When you attempt to join a Microsoft Windows 2000-based client to aMicrosoft Windows NT 4.0-based or Windows 2000-based domain, you may receive thefollowing error message: The following error occurred validating the name "domain". Thespecified domain either does not exist or could not be contacted.
RESOLUTION: 1. Temporarily remove the assigned DNS address from the client. After theclient has successfully joined the domain, reconfigure the client with a DNS server's IPaddress.2. Delete the problem computer from DNS records and re-create it.3. This issue may occur because the Sysvol directory is not shared out on the domaincontroller. To resolve this issue, share out the Sysvol directory.4. Contact your ISP DNS server to inquire about the availability of an update for the DNSserver that supports SRV records.
Unable to logon domain or experience an extremely slow logon - Event ID: 1054
Symptoms: 1) clients cannot obtain the domain controller name for your computernetwork. (The specified domain either does not exist or could not be contacted). 2) GroupPolicy processing aborted. 3) The clients may also experience an extremely slow logon.
Resolution:
1) Check you DHCP, WINS and DNS server settings and make sure they are working.2) ipconfig /all on clients shows correct DNS and WINS.3) If you do not use DHCP, you need to add DNS in the properties of TCP/IP. 4) if you havemore than one NICs and one of them does not plug, disable it.
"The network path was not found" error
When attempting to join "domain name", you get this error "The network path was notfound". This behavior can occur if you are using an incorrect Internet Protocol (IP) addressfor the Domain Name Service (DNS) server or have incorrected WINS settings. To resolvethis behavior, make sure that the IP addresses of the DNS and WINS servers on yournetwork are specified correctly in your TCP/IP settings.
Why W2K/XP clients logon so slower
1) Slow logon from W2K/XP to a win2000 domain usually indicates a DNS and WINSconfiguration issue. If DNS/WINS is configured uncorrected, XP will take longer time tosearch DNS/WINS and will be time out if it can't find the DNS/WINS. 2) Servers and clientshave more than one protocols such as TCP/IP, NetBEUI and IPX. 3) If you have oneunplugged and enable network adapter on the computer, you should disable it.
This web is provided "AS IS" with no warranties.Copyright © 2002-2011 ChicagoTech.net, All rights reserved. Unauthorized reproduction forbidden.
http://www.chicagotech.net/domainfaqs.htm
5
10/08/2011 6:39