shorter method for changing domain back to same domain?

Discussion in 'Networking & Security' started by oROEchimaru, Jul 9, 2009.

  1. oROEchimaru

    oROEchimaru [H]ardness Supreme

    Messages:
    4,658
    Joined:
    Jun 1, 2004
    often pcs on the domain find themselves no on the domain and AD looks ok...

    current method:
    change from domain

    blah.com
    to:
    workgroup... xyz (anything really)... reboot

    then: change it back to: blah.com

    any shorter methods?
     
  2. MrGuvernment

    MrGuvernment [H]ard as it Gets

    Messages:
    19,159
    Joined:
    Aug 3, 2004
    Why would the PC's on the domain not find themselves on the Domain, unless of course you have alot of mobile users connecting?

    they should be able to log in on the login screen to their regular computer account,. you dont have to change the domain to workgroup or anything?
     
  3. oROEchimaru

    oROEchimaru [H]ardness Supreme

    Messages:
    4,658
    Joined:
    Jun 1, 2004
    thats how i usually do it.

    sometimes they are on the domain, but machines act as if they are not. (on the domain on their pc.)

    -they are not locked, and they are on the hosting structure in AD.

    its an issue i see maybe once a month only out of 1000 calls.
     
  4. gimp

    gimp [H]ardForum Junkie

    Messages:
    9,851
    Joined:
    Jul 25, 2008
    what's the error message the user receives when they try to log in?
     
  5. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    First thing I'd check would be that these problem PCs are using the IP of the DC as their one and only DNS server...from DHCP. Or perhaps are they manually assigned for some reason?
    Latching onto a nearby wireless for some reason?
     
  6. oROEchimaru

    oROEchimaru [H]ardness Supreme

    Messages:
    4,658
    Joined:
    Jun 1, 2004
    i've seen it where its wireless, but this is not in that case. it may be dns like you state.
    however when switching to workgroup, rebooting pc and readding to domain it resolves it .

    "domain is not available" or whatever the very common error is. usual solution is take them off domain, reboot, add them to domain its a pain in the arse.
     
  7. blk95civicex

    blk95civicex Limp Gawd

    Messages:
    170
    Joined:
    Feb 10, 2003
    You should be able to login as a local admin account and just re-join the domain. No need to join to a workgroup and then back to the domain. We do that when we have a PC dis-joined from the domain.
     
  8. geiger

    geiger Limp Gawd

    Messages:
    413
    Joined:
    Jun 23, 2005
    Are the users power users/local admins? I've seen some interesting issues where the user looks to see what day of the week a certain day falls on and.....
     
  9. da sponge

    da sponge [H]ard|Gawd

    Messages:
    1,133
    Joined:
    Aug 23, 2001
    I ran into similar problems, as well as GP deployed software uninstalling itself on some Optiplexes. Turned out a driver update/bios update (or maybe just the hardware itself) caused the NIC to reset 3 times during boot - during post and during driver initialization. Our switch wasn't tweaked, so all the spanning tree checks took about 30 seconds to complete. By this point the machine was at the login screen. Ended up enabling portfast/disabling etherchannel and traffic was forwarded to the PCs quickly enough that the late connection flap didn't matter.
     
  10. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    Yeah something's gotta be wonky with name resolution. Some malware changes the DNS settings to adware driven DNS servers (commonly in russia). Other malware injects the winsock files..so even though TCP/IP settings look correct, they're not. Maybe try some tcp/winsock repair utilities on the problem PCs.

    Ensuring the PCs, when the symptom occurs, show the correct DNS servers is wonderfully easy to do, would be the first thing I check.
     
  11. oROEchimaru

    oROEchimaru [H]ardness Supreme

    Messages:
    4,658
    Joined:
    Jun 1, 2004
    thanks for the feedback everyone
     
  12. B1zz

    B1zz Gawd

    Messages:
    932
    Joined:
    Aug 1, 2003
    ive had this happen to probably 3-5 different machines at my work, simply removing from the domain and then rejoining on next reboot didnt work. i had to remove the computer, delete the computer account from AD, wait the requisite time for AD to replicate across all DCs(this could take shorter time, but i wait the typical 90mins, gives me time to get other shit done lol :p) come back, rejoin the machine and all seems well....this doesnt seem to happen on any one specific model(we're an all dell shop top to bottom) either...

    its a win2k3 hybrid domain if anyone smarter than all of us here @ work or in this thread has ideas....:confused:
     
  13. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    The only time I've seen this happen, when I know all my settings were correct...was on the network of the one client of mine that I deployed Vista workstations to early on shortly after Vista came out. The server was SBS2K3r2. Network of 20 workstation 'n some laptops, A few months after installing that network fresh, I had 2x workstations give this symptom within a month or so of each other. Had to rejoin. I chalked it up to some "bug" between Vista and 2K3 server...that probably got addresses 'n fixed by some update, since it never happened again.
     
  14. k1pp3r

    k1pp3r [H]ardness Supreme

    Messages:
    7,826
    Joined:
    Jun 16, 2004
    That wasn't server 2k, it was small business server, Vista and office 07 didn't get along with it at first
     
  15. gimp

    gimp [H]ardForum Junkie

    Messages:
    9,851
    Joined:
    Jul 25, 2008
    this error message states the computer cannot find the domain, it is not stating the computer does not have a computer account on the domain.

    how are group policy settings configured?

    Computer Configuration -> Administrative Templates -> System -> Logon
    "Always wait for the network at computer startup and logon"
    is this configured, and set to Enabled?

    how long is the computer given to full boot up and get a DHCP IP before attempting to login?
     
  16. metallicafan

    metallicafan [H]ard|DCer of the Month - May 2010

    Messages:
    2,195
    Joined:
    Mar 30, 2005
    When I get AD conflicts like this i just do the following:
    Change from "blah.com"
    to "blah" and hit OK.

    That change is enough to make it try to rejoin the domain and then you dont have to join a workgroup and reboot. ;)

    Although if this is happening a lot you obviously will want to look into why it happening. But once in a while when i make a naming mistake or something its a nice way to force it to rejoin the domain.
     
  17. B1zz

    B1zz Gawd

    Messages:
    932
    Joined:
    Aug 1, 2003
    specifically for the systems i've worked on...these boxes have sat with the user logged in(locked) over night, WSUS updates and reboots the box during that timeframe, the user comes in next morning and its a no go. this doesnt happen every time WSUS runs nor is there a timeframe i can nail down other than for one girl its about once every 40 days or thereabouts. looking at her GP settings that you mention its not configured or enabled.

    i dont have full domain admin privs so i dont know WHY this is but anything short of "corp.blah.com" will not let you join the domain here @ work, simply typing in "blah" on the workstation to join the domain will not let you....i blame someone else other than me :p ;) ninja edit: this could be some stupid DNS setting they have....just thought of that....
     
  18. oROEchimaru

    oROEchimaru [H]ardness Supreme

    Messages:
    4,658
    Joined:
    Jun 1, 2004
    awesome thanks guys!

    i havnt tried blah.com to blah lol this example si hilarious.

    ill check this out next time

    Computer Configuration -> Administrative Templates -> System -> Logon
    "Always wait for the network at computer startup and logon"
    is this configured, and set to Enabled?