Guest Tom Posted July 22, 2008 Posted July 22, 2008 I'm getting a error message on my XP clients: "The system cannot log you on now because the domain "example" is not available." However, my laptop is joined to the domain and directly connected to the same switch the server is connected to. I can login locally and ping the server and unc map to it, but if I restart the machine it still won't log in. I've tried several clients. The Windows Vista clients I have works fine. On the XP client I can ping the server, but the server can't the client. The Server is Windows 2003 Enterprise Edition with SP2. The Vista client can ping and be pinged without problems. Any suggestions you have would be greatly appreciated. Thanks, Tom
Guest Dave Patrick Posted July 22, 2008 Posted July 22, 2008 Re: Ping question For the ping problem check the firewall settings. For the logon problem try disjoin, restart, then rejoining the domain. (make sure you know the password for local administrator first) -- Regards, Dave Patrick ....Please no email replies - reply in newsgroup. Microsoft Certified Professional Microsoft MVP [Windows] http://www.microsoft.com/protect "Tom" wrote: > I'm getting a error message on my XP clients: > "The system cannot log you on now because the domain "example" > is not available." > However, my laptop is joined to the domain and directly connected to the > same switch the server is connected to. I can login locally and ping the > server > and unc map to it, but if I restart the machine it still won't log in. > I've tried several clients. The Windows Vista clients I have works fine. > On the XP client I can ping the server, but the server can't the client. > The Server is Windows 2003 Enterprise Edition with SP2. > The Vista client can ping and be pinged without problems. > Any suggestions you have would be greatly appreciated. > Thanks, > Tom
Guest Tom Posted July 22, 2008 Posted July 22, 2008 Re: Ping question Hello, All of the firewalls are disabled on the clients. I can disjoin and rejoin the clients until I'm blue in the face. The problem still persists. The one thing I've noticed is that not all logins are logged in the event viewer of the server. Does something need to be turned on? Thanks. "Dave Patrick" wrote: > For the ping problem check the firewall settings. For the logon problem try > disjoin, restart, then rejoining the domain. (make sure you know the > password for local administrator first) > > > -- > > Regards, > > Dave Patrick ....Please no email replies - reply in newsgroup. > Microsoft Certified Professional > Microsoft MVP [Windows] > http://www.microsoft.com/protect > > "Tom" wrote: > > I'm getting a error message on my XP clients: > > "The system cannot log you on now because the domain "example" > > is not available." > > However, my laptop is joined to the domain and directly connected to the > > same switch the server is connected to. I can login locally and ping the > > server > > and unc map to it, but if I restart the machine it still won't log in. > > I've tried several clients. The Windows Vista clients I have works fine. > > On the XP client I can ping the server, but the server can't the client. > > The Server is Windows 2003 Enterprise Edition with SP2. > > The Vista client can ping and be pinged without problems. > > Any suggestions you have would be greatly appreciated. > > Thanks, > > Tom > >
Guest Dave Patrick Posted July 22, 2008 Posted July 22, 2008 Re: Ping question You might try manually configuring the ip address and DNS server address then try rejoining. Also flush WINS, DNS nbtstat -R ipconfig /flushdns -- Regards, Dave Patrick ....Please no email replies - reply in newsgroup. Microsoft Certified Professional Microsoft MVP [Windows] http://www.microsoft.com/protect "Tom" wrote: > Hello, > All of the firewalls are disabled on the clients. I can disjoin and > rejoin > the clients until I'm blue in the face. The problem still persists. The > one > thing I've noticed is that not all logins are logged in the event viewer > of > the server. Does something need to be turned on? > Thanks.
Guest Tom Posted July 22, 2008 Posted July 22, 2008 Re: Ping question I'll try to assign a static ip and see what it does. I've fushed DNS and it didn't make a difference, but I'll try flushing WINS. Thanks. Tom "Dave Patrick" wrote: > You might try manually configuring the ip address and DNS server address > then try rejoining. Also flush WINS, DNS > > nbtstat -R > ipconfig /flushdns > > > -- > > Regards, > > Dave Patrick ....Please no email replies - reply in newsgroup. > Microsoft Certified Professional > Microsoft MVP [Windows] > http://www.microsoft.com/protect > > "Tom" wrote: > > Hello, > > All of the firewalls are disabled on the clients. I can disjoin and > > rejoin > > the clients until I'm blue in the face. The problem still persists. The > > one > > thing I've noticed is that not all logins are logged in the event viewer > > of > > the server. Does something need to be turned on? > > Thanks. > >
Guest Ace Fekay [MVP] Posted July 22, 2008 Posted July 22, 2008 Re: Ping question In news:D4587089-6A71-45A2-A639-9B43A487A8BA@microsoft.com, Tom <Tom@discussions.microsoft.com> typed: > I'll try to assign a static ip and see what it does. > I've fushed DNS and it didn't make a difference, but I'll try > flushing WINS. Thanks. Tom Curious of your configuration. You're probably able to join/disjoin because of using the NetBIOS domain name instead of the DNS (FQDN of the) domain name. I believe there may be a DNS misconfig. To better assist you, please post an unedited "ipconfig /all" of the client and the server. Thank you, Ace This posting is provided "AS-IS" with no warranties or guarantees and confers no rights. Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP Microsoft MVP - Directory Services Microsoft Certified Trainer For urgent issues, you may want to contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers. Infinite Diversities in Infinite Combinations
Guest Meinolf Weber Posted July 22, 2008 Posted July 22, 2008 Re: Ping question Hello Tom, Please post an unedited ipconfig /all from the problem machine and the server. Let's exclude that DNS is the problem. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > I'm getting a error message on my XP clients: > "The system cannot log you on now because the domain "example" > is not available." > However, my laptop is joined to the domain and directly connected to > the > same switch the server is connected to. I can login locally and ping > the > server > and unc map to it, but if I restart the machine it still won't log in. > I've tried several clients. The Windows Vista clients I have works > fine. > On the XP client I can ping the server, but the server can't the > client. > The Server is Windows 2003 Enterprise Edition with SP2. > The Vista client can ping and be pinged without problems. > Any suggestions you have would be greatly appreciated. > Thanks, > Tom
Guest Tom Posted July 22, 2008 Posted July 22, 2008 Re: Ping question Hello, A little background......we installed this new dc a few months ago, but we didn't have any login problems until we demoted the old dc and removed it from the network. We transferred the FSMO roles and everything appeared great. Then when we went back on our older XP clients (over 100 of them) we started having login problems. The domain administrator account will generally login (assuming cached), and the mapped network drives will be there, but if you try to access them here is the message that comes up: "The system detected a possible attempt to comprimise security. Please ensure that you can contact the server that authenticated you." If we wait a minute or so then the network drives become available. I thought maybe it was a connectivity problem, but I isolated the server and a XP client on a single switch and I have the same problems. We are a school on a statewide network and they control all DNS and DHCP addressing. Here it is: IPCONFIG from the new server: 10.130.2.45 255.255.254.0 10.130.2.1 165.234.71.10 IPCONFIG from the clients (ones that work and don't): 10.130.3.21 255.255.254.0 10.130.2.1 165.234.71.10 The state says that something must be wrong with the new server. It's running Windows 2003 Enterprise Edition. I'm getting virtually no errors in the Event logs and it only seems to be affecting the XP clients. Also the server doesn't seem to be logging all of the network logins in the event viewer. This is the same configuration (DNS and DHCP) that the school has used for years. Thanks for your help. Tom "Meinolf Weber" wrote: > Hello Tom, > > Please post an unedited ipconfig /all from the problem machine and the server. > Let's exclude that DNS is the problem. > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > > > I'm getting a error message on my XP clients: > > "The system cannot log you on now because the domain "example" > > is not available." > > However, my laptop is joined to the domain and directly connected to > > the > > same switch the server is connected to. I can login locally and ping > > the > > server > > and unc map to it, but if I restart the machine it still won't log in. > > I've tried several clients. The Windows Vista clients I have works > > fine. > > On the XP client I can ping the server, but the server can't the > > client. > > The Server is Windows 2003 Enterprise Edition with SP2. > > The Vista client can ping and be pinged without problems. > > Any suggestions you have would be greatly appreciated. > > Thanks, > > Tom > > >
Guest Meinolf Weber Posted July 22, 2008 Posted July 22, 2008 Re: Ping question Hello Tom, Remove the 165.x.x.x address form the DNS server list of all domain machines. I assume this are the ISP's DNS server. You have to configure them under the FORWARDERS tab under the server properties in the DNS management console. For correct name resolution use domain internal only the domain internal DNS server. That it works for some machines is luck. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > Hello, > A little background......we installed this new dc a few months ago, > but we > didn't have any login problems until we demoted the old dc and removed > it > from the network. We transferred the FSMO roles and everything > appeared > great. Then when we went back on our older XP clients (over 100 of > them) we > started having login problems. The domain administrator account will > generally login (assuming cached), and the mapped network drives will > be > there, but if you try to access them here is the message that comes > up: > "The system detected a possible attempt to comprimise security. > Please > ensure that you can contact the server that authenticated you." > If we wait a minute or so then the network drives become available. I > thought maybe it was a connectivity problem, but I isolated the server > and a > XP client on a single switch and I have the same problems. We are a > school > on a statewide network and they control all DNS and DHCP addressing. > Here it > is: > IPCONFIG from the new server: > 10.130.2.45 > 255.255.254.0 > 10.130.2.1 > 165.234.71.10 > IPCONFIG from the clients (ones that work and don't): > 10.130.3.21 > 255.255.254.0 > 10.130.2.1 > 165.234.71.10 > The state says that something must be wrong with the new server. It's > running Windows 2003 Enterprise Edition. I'm getting virtually no > errors in > the Event logs and it only seems to be affecting the XP clients. Also > the > server doesn't seem to be logging all of the network logins in the > event > viewer. This is the same configuration (DNS and DHCP) that the school > has > used for years. > Thanks for your help. > Tom > "Meinolf Weber" wrote: > >> Hello Tom, >> >> Please post an unedited ipconfig /all from the problem machine and >> the server. Let's exclude that DNS is the problem. >> >> Best regards >> >> Meinolf Weber >> Disclaimer: This posting is provided "AS IS" with no warranties, and >> confers >> no rights. >> ** Please do NOT email, only reply to Newsgroups >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm >>> I'm getting a error message on my XP clients: >>> "The system cannot log you on now because the domain "example" >>> is not available." >>> However, my laptop is joined to the domain and directly connected to >>> the >>> same switch the server is connected to. I can login locally and >>> ping >>> the >>> server >>> and unc map to it, but if I restart the machine it still won't log >>> in. >>> I've tried several clients. The Windows Vista clients I have works >>> fine. >>> On the XP client I can ping the server, but the server can't the >>> client. >>> The Server is Windows 2003 Enterprise Edition with SP2. >>> The Vista client can ping and be pinged without problems. >>> Any suggestions you have would be greatly appreciated. >>> Thanks, >>> Tom
Guest Tom Posted July 22, 2008 Posted July 22, 2008 Re: Ping question I am getting this message in the Directory Service log. Event ID: 1394 All problems preventing updates to the Active Directory Database have been cleared. New updates to the Active Directory database are succeeding. The Net Logon service has restarted. Does this mean something wasn't working correctly? Thanks. Tom "Meinolf Weber" wrote: > Hello Tom, > > Please post an unedited ipconfig /all from the problem machine and the server. > Let's exclude that DNS is the problem. > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > > > I'm getting a error message on my XP clients: > > "The system cannot log you on now because the domain "example" > > is not available." > > However, my laptop is joined to the domain and directly connected to > > the > > same switch the server is connected to. I can login locally and ping > > the > > server > > and unc map to it, but if I restart the machine it still won't log in. > > I've tried several clients. The Windows Vista clients I have works > > fine. > > On the XP client I can ping the server, but the server can't the > > client. > > The Server is Windows 2003 Enterprise Edition with SP2. > > The Vista client can ping and be pinged without problems. > > Any suggestions you have would be greatly appreciated. > > Thanks, > > Tom > > >
Guest Tom Posted July 22, 2008 Posted July 22, 2008 Re: Ping question That's what I told the state, but they will not allow us to run DNS services on the DC. They assign the 165.x.x.x dns number and it points to their servers not the ISP. I've run DCDIAG on the server and the only thing that comes back in question is the services test: RPCLOCATOR, TRKWKS, and TRKSVR are not running. Thanks for the quick response. Tom "Meinolf Weber" wrote: > Hello Tom, > > Remove the 165.x.x.x address form the DNS server list of all domain machines. > I assume this are the ISP's DNS server. You have to configure them under > the FORWARDERS tab under the server properties in the DNS management console. > For correct name resolution use domain internal only the domain internal > DNS server. That it works for some machines is luck. > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > > > Hello, > > A little background......we installed this new dc a few months ago, > > but we > > didn't have any login problems until we demoted the old dc and removed > > it > > from the network. We transferred the FSMO roles and everything > > appeared > > great. Then when we went back on our older XP clients (over 100 of > > them) we > > started having login problems. The domain administrator account will > > generally login (assuming cached), and the mapped network drives will > > be > > there, but if you try to access them here is the message that comes > > up: > > "The system detected a possible attempt to comprimise security. > > Please > > ensure that you can contact the server that authenticated you." > > If we wait a minute or so then the network drives become available. I > > thought maybe it was a connectivity problem, but I isolated the server > > and a > > XP client on a single switch and I have the same problems. We are a > > school > > on a statewide network and they control all DNS and DHCP addressing. > > Here it > > is: > > IPCONFIG from the new server: > > 10.130.2.45 > > 255.255.254.0 > > 10.130.2.1 > > 165.234.71.10 > > IPCONFIG from the clients (ones that work and don't): > > 10.130.3.21 > > 255.255.254.0 > > 10.130.2.1 > > 165.234.71.10 > > The state says that something must be wrong with the new server. It's > > running Windows 2003 Enterprise Edition. I'm getting virtually no > > errors in > > the Event logs and it only seems to be affecting the XP clients. Also > > the > > server doesn't seem to be logging all of the network logins in the > > event > > viewer. This is the same configuration (DNS and DHCP) that the school > > has > > used for years. > > Thanks for your help. > > Tom > > "Meinolf Weber" wrote: > > > >> Hello Tom, > >> > >> Please post an unedited ipconfig /all from the problem machine and > >> the server. Let's exclude that DNS is the problem. > >> > >> Best regards > >> > >> Meinolf Weber > >> Disclaimer: This posting is provided "AS IS" with no warranties, and > >> confers > >> no rights. > >> ** Please do NOT email, only reply to Newsgroups > >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > >>> I'm getting a error message on my XP clients: > >>> "The system cannot log you on now because the domain "example" > >>> is not available." > >>> However, my laptop is joined to the domain and directly connected to > >>> the > >>> same switch the server is connected to. I can login locally and > >>> ping > >>> the > >>> server > >>> and unc map to it, but if I restart the machine it still won't log > >>> in. > >>> I've tried several clients. The Windows Vista clients I have works > >>> fine. > >>> On the XP client I can ping the server, but the server can't the > >>> client. > >>> The Server is Windows 2003 Enterprise Edition with SP2. > >>> The Vista client can ping and be pinged without problems. > >>> Any suggestions you have would be greatly appreciated. > >>> Thanks, > >>> Tom > > >
Guest Meinolf Weber Posted July 22, 2008 Posted July 22, 2008 Re: Ping question Hello Tom, But that is the source of the problem for my point of view. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > That's what I told the state, but they will not allow us to run DNS > services > on the DC. They assign the 165.x.x.x dns number and it points to > their > servers not the ISP. I've run DCDIAG on the server and the only thing > that > comes back in question is the services test: > RPCLOCATOR, TRKWKS, and TRKSVR are not running. > Thanks for the quick response. > Tom > "Meinolf Weber" wrote: > >> Hello Tom, >> >> Remove the 165.x.x.x address form the DNS server list of all domain >> machines. I assume this are the ISP's DNS server. You have to >> configure them under the FORWARDERS tab under the server properties >> in the DNS management console. For correct name resolution use domain >> internal only the domain internal DNS server. That it works for some >> machines is luck. >> >> Best regards >> >> Meinolf Weber >> Disclaimer: This posting is provided "AS IS" with no warranties, and >> confers >> no rights. >> ** Please do NOT email, only reply to Newsgroups >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm >>> Hello, >>> A little background......we installed this new dc a few months ago, >>> but we >>> didn't have any login problems until we demoted the old dc and >>> removed >>> it >>> from the network. We transferred the FSMO roles and everything >>> appeared >>> great. Then when we went back on our older XP clients (over 100 of >>> them) we >>> started having login problems. The domain administrator account >>> will >>> generally login (assuming cached), and the mapped network drives >>> will >>> be >>> there, but if you try to access them here is the message that comes >>> up: >>> "The system detected a possible attempt to comprimise security. >>> Please >>> ensure that you can contact the server that authenticated you." >>> If we wait a minute or so then the network drives become available. >>> I >>> thought maybe it was a connectivity problem, but I isolated the >>> server >>> and a >>> XP client on a single switch and I have the same problems. We are a >>> school >>> on a statewide network and they control all DNS and DHCP addressing. >>> Here it >>> is: >>> IPCONFIG from the new server: >>> 10.130.2.45 >>> 255.255.254.0 >>> 10.130.2.1 >>> 165.234.71.10 >>> IPCONFIG from the clients (ones that work and don't): >>> 10.130.3.21 >>> 255.255.254.0 >>> 10.130.2.1 >>> 165.234.71.10 >>> The state says that something must be wrong with the new server. >>> It's >>> running Windows 2003 Enterprise Edition. I'm getting virtually no >>> errors in >>> the Event logs and it only seems to be affecting the XP clients. >>> Also >>> the >>> server doesn't seem to be logging all of the network logins in the >>> event >>> viewer. This is the same configuration (DNS and DHCP) that the >>> school >>> has >>> used for years. >>> Thanks for your help. >>> Tom >>> "Meinolf Weber" wrote: >>>> Hello Tom, >>>> >>>> Please post an unedited ipconfig /all from the problem machine and >>>> the server. Let's exclude that DNS is the problem. >>>> >>>> Best regards >>>> >>>> Meinolf Weber >>>> Disclaimer: This posting is provided "AS IS" with no warranties, >>>> and >>>> confers >>>> no rights. >>>> ** Please do NOT email, only reply to Newsgroups >>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm >>>>> I'm getting a error message on my XP clients: >>>>> "The system cannot log you on now because the domain "example" >>>>> is not available." >>>>> However, my laptop is joined to the domain and directly connected >>>>> to >>>>> the >>>>> same switch the server is connected to. I can login locally and >>>>> ping >>>>> the >>>>> server >>>>> and unc map to it, but if I restart the machine it still won't log >>>>> in. >>>>> I've tried several clients. The Windows Vista clients I have >>>>> works >>>>> fine. >>>>> On the XP client I can ping the server, but the server can't the >>>>> client. >>>>> The Server is Windows 2003 Enterprise Edition with SP2. >>>>> The Vista client can ping and be pinged without problems. >>>>> Any suggestions you have would be greatly appreciated. >>>>> Thanks, >>>>> Tom
Guest Tom Posted July 22, 2008 Posted July 22, 2008 Re: Ping question Are there any other DNS tests that I can run from the server or clients that could show the problem? "Meinolf Weber" wrote: > Hello Tom, > > But that is the source of the problem for my point of view. > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > > > That's what I told the state, but they will not allow us to run DNS > > services > > on the DC. They assign the 165.x.x.x dns number and it points to > > their > > servers not the ISP. I've run DCDIAG on the server and the only thing > > that > > comes back in question is the services test: > > RPCLOCATOR, TRKWKS, and TRKSVR are not running. > > Thanks for the quick response. > > Tom > > "Meinolf Weber" wrote: > > > >> Hello Tom, > >> > >> Remove the 165.x.x.x address form the DNS server list of all domain > >> machines. I assume this are the ISP's DNS server. You have to > >> configure them under the FORWARDERS tab under the server properties > >> in the DNS management console. For correct name resolution use domain > >> internal only the domain internal DNS server. That it works for some > >> machines is luck. > >> > >> Best regards > >> > >> Meinolf Weber > >> Disclaimer: This posting is provided "AS IS" with no warranties, and > >> confers > >> no rights. > >> ** Please do NOT email, only reply to Newsgroups > >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > >>> Hello, > >>> A little background......we installed this new dc a few months ago, > >>> but we > >>> didn't have any login problems until we demoted the old dc and > >>> removed > >>> it > >>> from the network. We transferred the FSMO roles and everything > >>> appeared > >>> great. Then when we went back on our older XP clients (over 100 of > >>> them) we > >>> started having login problems. The domain administrator account > >>> will > >>> generally login (assuming cached), and the mapped network drives > >>> will > >>> be > >>> there, but if you try to access them here is the message that comes > >>> up: > >>> "The system detected a possible attempt to comprimise security. > >>> Please > >>> ensure that you can contact the server that authenticated you." > >>> If we wait a minute or so then the network drives become available. > >>> I > >>> thought maybe it was a connectivity problem, but I isolated the > >>> server > >>> and a > >>> XP client on a single switch and I have the same problems. We are a > >>> school > >>> on a statewide network and they control all DNS and DHCP addressing. > >>> Here it > >>> is: > >>> IPCONFIG from the new server: > >>> 10.130.2.45 > >>> 255.255.254.0 > >>> 10.130.2.1 > >>> 165.234.71.10 > >>> IPCONFIG from the clients (ones that work and don't): > >>> 10.130.3.21 > >>> 255.255.254.0 > >>> 10.130.2.1 > >>> 165.234.71.10 > >>> The state says that something must be wrong with the new server. > >>> It's > >>> running Windows 2003 Enterprise Edition. I'm getting virtually no > >>> errors in > >>> the Event logs and it only seems to be affecting the XP clients. > >>> Also > >>> the > >>> server doesn't seem to be logging all of the network logins in the > >>> event > >>> viewer. This is the same configuration (DNS and DHCP) that the > >>> school > >>> has > >>> used for years. > >>> Thanks for your help. > >>> Tom > >>> "Meinolf Weber" wrote: > >>>> Hello Tom, > >>>> > >>>> Please post an unedited ipconfig /all from the problem machine and > >>>> the server. Let's exclude that DNS is the problem. > >>>> > >>>> Best regards > >>>> > >>>> Meinolf Weber > >>>> Disclaimer: This posting is provided "AS IS" with no warranties, > >>>> and > >>>> confers > >>>> no rights. > >>>> ** Please do NOT email, only reply to Newsgroups > >>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > >>>>> I'm getting a error message on my XP clients: > >>>>> "The system cannot log you on now because the domain "example" > >>>>> is not available." > >>>>> However, my laptop is joined to the domain and directly connected > >>>>> to > >>>>> the > >>>>> same switch the server is connected to. I can login locally and > >>>>> ping > >>>>> the > >>>>> server > >>>>> and unc map to it, but if I restart the machine it still won't log > >>>>> in. > >>>>> I've tried several clients. The Windows Vista clients I have > >>>>> works > >>>>> fine. > >>>>> On the XP client I can ping the server, but the server can't the > >>>>> client. > >>>>> The Server is Windows 2003 Enterprise Edition with SP2. > >>>>> The Vista client can ping and be pinged without problems. > >>>>> Any suggestions you have would be greatly appreciated. > >>>>> Thanks, > >>>>> Tom > > >
Guest Dave Patrick Posted July 23, 2008 Posted July 23, 2008 Re: Ping question Be sure to also assign the correct DNS server address. -- Regards, Dave Patrick ....Please no email replies - reply in newsgroup. Microsoft Certified Professional Microsoft MVP [Windows] http://www.microsoft.com/protect "Tom" wrote: > I'll try to assign a static ip and see what it does. > I've fushed DNS and it didn't make a difference, but I'll try flushing > WINS. > Thanks. Tom
Guest Jaco Niemand Posted July 24, 2008 Posted July 24, 2008 Re: Ping question Also check your host files and make sure that there's nothing in there "Dave Patrick" <DSPatrick@nospam.gmail.com> wrote in message news:enHeogG7IHA.2348@TK2MSFTNGP06.phx.gbl... > Be sure to also assign the correct DNS server address. > > > -- > > Regards, > > Dave Patrick ....Please no email replies - reply in newsgroup. > Microsoft Certified Professional > Microsoft MVP [Windows] > http://www.microsoft.com/protect > > "Tom" wrote: >> I'll try to assign a static ip and see what it does. >> I've fushed DNS and it didn't make a difference, but I'll try flushing >> WINS. >> Thanks. Tom >
Guest Ace Fekay [MVP] Posted July 27, 2008 Posted July 27, 2008 Re: Ping question In news:5562C0B9-3030-479F-A668-2F7A4216C49C@microsoft.com, Tom <Tom@discussions.microsoft.com> typed: > Are there any other DNS tests that I can run from the server or > clients that could show the problem? > Does that DNS server host the AD zone? I did a reverse on 165.234.71.10 and it came back as: Name: ns1.k12.nd.us Address: 165.234.71.10 To me that is a public DNS server. If this is also hosting your internal AD zone, and the reason why you must use it internally, assuming the state knows what they're talking about, then I would say yes, use this server. If it does NOT host the internal AD zone, then it MUST be removed and the state does NOT know what they're talking about, technically speaking in regards to how Active Directory and its reliance on DNS works. Try this: nslookup server 165.234.71.10 set q=srv ls -t domain.com (domain.com = your internal AD DNS domain name.) If it comes back and shows you all the SRV records for your internal domain, then good. You will know what they look like. NUmerous records will return, such as "_gc._tcp.Defaul-First-Site-Name._sites SRV priority=0, weight=100, etc. If nothing shows up, then we have a problem. If it responds with "Can't list domain domain.com: Non-existent domain," then it means the zone does not exist and this DNS server must NOT be used. Now if it responds with a query refused, then it means the zone does exist but they have zone transfers disabled, but at least the zone exists. But that may only mean it's a shadow copy of the zone and not necessarily contain the internal AD zone name. If you can ask them to allow zone transfers for this test to see if the SRV records return, it will help you at least know this is server hosts the AD zone. Ace
Recommended Posts