Can't login to domain! HELP!

[invalidfunction]

hello guys. Sorry to cut in here, but I have an issue wondering if anyone could help. One of our site is connected via Frame Relay to the main office where the Win2k DC is. Everything seems to work fine, DNS, WINS etc. This site is on a separate subnet but has the same mask as the DC subnet. I can logon to the domain with Win98 machine and browse the network and can access all the shares on the servers just fine. But when I try to logon to the domain with win2k Pro, the pc will just hang at 'Loading Your Personal Settings...' message window. Now if I disconnect the network cable from the pc, it loads the profile and gets me to the desktop. Then i can go into Network Neighborhood and able to see rest of the PCs but cannot access anyone of them!!
So thats where I am stuck!! What am I doing wrong??
Thanks....

 

[zoeythecat]

What do your Win2k pro network settings look like?

 

[koquito]

Check if everything is fine with the DNS, and if you have any roaming profiles. If your roaming profile is too big, the it will take long to be transfered to your computer. Windows 2k keeps a local profile, so that is why when you disconnect the cable , it starts loading it.
Hope this helps A+, MCP, CCNA
marbinpr@hotmail.com

Keep fighting for your knowledge!

 

[GlenJohnson]

Have you tried taking it out of the domain and re-joining? Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com


"Deliberate before you begin; but, having carefully done so, execute with vigour."
Caius Sallustius Crispus (86BC-35BC); Roman historian

 

[invalidfunction]

Thanks for responding guys!! To answer everyone's question starting with Zoeythecat, the Win2k laptop I'm using is configured for DHCP, and it receives the correct ip(for that subnet) and other like DNS, WINS, Gateway adresses from the DC server just fine.
I have checked the roaming profile for the Admin account I am using, Koquito. It is not huge at all. I have transferred files from the DC to a Win98 and the speed is really good too. The DNS server seems to be okay. I am not sure what to check for in DNS.
I have tried another Win2k pc(brand new install) and tried joining the domain, it asked me to enter the Admin. account User and Password to join the domain, I entered it and it came back saying the domain is unavailable. Again I logged in locally and i could browse the network.
It seems like to me that this remote subnet needs some kind of authentication for the user to login. I could be wrong. Is there anything I should look out for in the CISCO router that connects the offices? I have no access to it since it was installed by another party, but I can have them check it.
So that's where it all stands for me right now!!


---r----

 

[zoeythecat]

Have you verified your NIC is working? Verify this in Device Manager. Also try and ping your router by going to a command line. This will verify connectivity to your network. Are you using the Administrator username and password for the Network Domain or the Local Domain? Make sure it is the network domain. How do you know DNS and WINS is working locally? I assume you have TCP/IP as your protocol? If you can connect via Windows98 workstations than you should be able to connect and join the domain from a Windows2000 Pro workstation. You may just be missing a step? Also verify that you are getting an IP Address. Go to a command prompt and release and renew your IP Address (I.E - ipconfig /release ipconfig /renew). If you have problems getting an IP Address than you have to troubleshoot the NIC. Is the driver installed correctly? Is this visible in Device Manager, check your protocols.

Let us know how you make out.

 

[GlenJohnson]

In services make sure computer browsing is turned off the w2k pro machines. I had this same problem with browsing turned on, which is default. The problem was that if you check your log files, you might find that other w2k machines are listed as the master browser, and the w2k machines were forcing elections. Disable it, re-boot and then try and join it. Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com

"Take nothing on its looks: take everything on evidence. There's no better rule."
Charles Dickens (1812-1870); English novelist, dr

 

[invalidfunction]

This is not just one machine specific problem, it happens from all other win2k machines. I have checked all the ip settings it receives from the DHCP server, even after releasing and renewing, they are fine. The computer shows up in the DHCP server too with the assigned ip.I do not have any server at this remote office subnet. All the servers are at the main office. The DNS is working cause I can browse the internet and the win2k machine registers itself in the DNS. So does it in the WINS server. I am not sure what else to look for. I even tried logon with local profile oppose to roaming. Same thing, it just sits there.
Thanks Zoeythecat for your input, i have tried them all.
Let's see what happens, like you said, I might just be missing a step.

---r---

 

[GlenJohnson]

That's what makes me think it's browsing, you only have that option from w2k up, so 98 machines wouldn't be affected. (If it is available, I'm not aware of it.) Check it out. Gool luck. Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com

"Take nothing on its looks: take everything on evidence. There's no better rule."
Charles Dickens (1812-1870); English novelist, dr

 

[zoeythecat]

Glen,

Sorry but I have to disagree. He cannot login to the Domain. This has nothing to do with browsing. If he was able to login to the domain and could not view the network than browsing could be a problem. This does have something to do with connection to the network. He needs to be able to login to the domain before he can browse. He is not even getting that far.

Invalidfunction,

Would be helpful if you could provide as much info about your network as possible. Have you tried using a static IP address for your Windows2000 PRO workstation just to see if this works? Can you also ping the router to the other subnet? There are so many variables involved here but without really knowing how your network is setup it is all a guessing game. Are there any computer policies defined on the network that could be causing problems? Have you added the Windows2000 PRO workstations(The Computer names) to the network before joining the domain? If you didn't do this step you may have problems logging into the domain.

 

[tlcscousin]

Try also setting a default gateway pointing to the server. On the server, if the machine is on a seperate subnet, is routing setup with either a static route or RIP?

 

[GlenJohnson]

zoeythecat I agree, but when it hangs like that a lot of times it's a rites issue. I'm wondering if he's joined the domain to begin with.
invalidfunction What is the w2k machines name? Is it machinename or machiinename.domain.com? This is what I was wondering about. If it hasn't joined the domain, it may not be getting rites from the domain, which is why you can log on locally. Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com

"Take nothing on its looks: take everything on evidence. There's no better rule."
Charles Dickens (1812-1870); English novelist, dr

 

[Demtro]

Not sure if you have resolved the problem yet, but in case you have not here is my 2 cents. In our office with our remove systems we have problems accessing computers. Granted this is not the same as authentication however creating a hosts and LMhosts file to help in the DNS resolution has fixed most of the problems. This might help. Also It seems that for some reason you are unable to actually talk to the domain so try pinging the domain controllers. First try it by name if you do not get resolution try pinging by IP. If you still do not get a response then your problem is your connection from your Site to the site where the servers are located. If you get a response from IP ping and not name ping then you have DNS resolution issues. Try creating a Hosts file and LMhosts file to help with the resolution. once you create the files and put them in place try pingning by name again. If you get a response see if you can then join the domain. If you can ping both by name and IP and get a response and still cannot join the domain well its back to the drawing board. Ill see if i can dig up anything additional to help you out. post here if you already have the problem resolved.

 

[vgrice]

The LMHOST file is a step in the right direction, but Win2k is trying to move away from such things. Check your DHCP settings under Server Options and make sure there is an entry for DNS Domain Name and DNS Servers. Also make sure the DC is registering with DNS. To verify that it is, check DNS for _msdcs, _sites, _tcp, _udp entries in the root of your domain name space. If the entries are not there make sure that the network adapter for the DC is registering with DNS under Advanced properties/DNS for TCP/IP

 

[GlenJohnson]

vgrice is right. I've always swore by hosts and lmhosts, but after taking a class in Installing and configuring a w2k network, I've started to move away from them. I've found several instances where the hosts file had the wrong IP address and by just getting rid of the hosts file, my problems were solved. How about the ping, ipconfig /all and nslookup results. Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com

"Take nothing on its looks: take everything on evidence. There's no better rule."
Charles Dickens (1812-1870); English novelist, dr

 

[micon55]

If you think it's a W2K related problem, can you try to test a W2K machine, (laptop perhaps), at the centre of your domain.
What speed is your Frame Relay link? W2K machines carry a lot more 'baggage' than W98 clients. Microsoft recommends at least a 512Kb stream between sites.
Hope this may help.
Mike

 

[invalidfunction]

Okay I am back with nothing solved. i don't think it's a browsing issue. I can login to the domain with win98 machine and even logon scripts run fine too. Login in locally on a win2k machine: I can ping the DC servers and other ones like DNS & DHCP by their computer name and ip address. the pc also gets everything from the DHCP server. This is what I have under dhcp Server options:
DNS Server: 192.168.10.7
DNS Domain Name: mydomain.com
name Servers:192.168.10.5 or should it be .7?? not sure!
WINS/NBNS Servers: 192.168.10.5
The ip range info. is set scope specific by location.

The remote Office's subnet is: 192.168.60.*
Connected via Cisco router(ip 192.168.60.4) over frame relay to the main office where there is another Cisco router(ip 192.168.0.2)
The Gateway there is 192.168.10.3 for the network.

The win2k domain is still in mixed mode.
I have tried LMhost file but that did not solve the problem.

In DNS like vgrice mentioned, I can see the all the DC and BDC's, uder _msdcs, _tcp,_udp

i am suspecting it could be something to do with my DNS server. i gotta find moe about it.

Thanks everyone for your valuable inputs. I will post here some more details soon.

---r---

 

[jamor1999]

Here's an idea. I had a problem loading profiles onto a windows 2000 server. The problem was: originally the profiles had been created under an NT 4.0 environment and would refuse to load on the 2000 server. Also, there's a possiblity that the user's profile has been corrupted somehow. The fix? Rename the old profile and remove the profile path from the user's id under Active Directory. Then log into the domain on that PC. If this works, then it was a profile issue. Before continuing, just want to know if that helps you troubleshoot.

Jane

One more idea, right click on that user's My Computer icon on his PC and go to manage. Then check out the event veiwer for errors that might have posted upon the logon attempt to the domain.

 

[invalidfunction]

when I try to join the domain from the win2k pro, the error displayed is: the specified network name is not available. But if I enter the wrong password for the admin. account to join the domain, it diplays: the specified network password is not valid.
I have added the win2k pro in the DC. before trying to join the domain too.

The WINS setting in TCP/IP is:
enable Netbios over tcp/ip is checked

DNS setting in tcp/IP are:
append primary...and
append parent suffixes are checked
register this connection
s addresses.... are checked

 

[turquoise]

How is the user profile configured?

If you're using roaming profiles you could be downloading your desktop settings from the remote server over frame relay... could take hours. I had a customer with the same problem... users had word and excel docs on the desktop and every time they logged in it took for ever and a day to load the settings.