Click here to get back home

Computers Losing Connection ???
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Computers Losing Connection ??? Dave Mackler 01-11-2007
Posted by Dave Mackler on January 11, 2007, 10:47 am
Please log in for more thread options
 I have Windows 2003, SP1, servers in four locations (sites), all
workstations are XP, SP2.

Within the last few wqeeks a strange connection problem has starting
occuring. A workstation suddenly cannot be used to log onto the AD domain.
The error msg:

The system could not log you on. Make sure your user name and domain are
correct, then type your password again. Letters in passwords must be typed
in the correct case.

No one can log on to the domain from that workstation when the problem
appears, not even domain admins. The only logon available is a local
account. Nothing has been changed in the domain or on these computers to
cause this. It has occurred in disparate sites and only one or two
workstations at a site has been affected. So far we have also discovered
that moving the workstation to a workgroup, deleting the computer account,
recreating it and rejoining the domain works for a few days then that
workstation gets the same error. This has happened on 5 computers so far.
The only fix we have is to delete the computer account, reimage the
computer, then join the domain. The same users have no problems logging on
from other computers.

What could be causing this behavior??

dave admin




Posted by Jesper on January 15, 2007, 7:29 pm
Please log in for more thread options
 My first inclination is that the rootkit on those boxes probably is
corrupting or blocking the logon sequence.

There is no sub-authentication package on them is there? Check the MSV1_0,
Kerberos, and Authentication Packages keys under
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\ and see if there is
anything listed there.

Are users running as local admins on those machines? I'd be looking for
malware if I were you.

It could conceivably also be a keyboard issue. I have seen this error on
keyboards that were broken and wouldn't type a particular key, or if there
was corruption in the drivers that caused the wrong characters to be entered.
If you type the password in the username dialog (make sure nobody sees you)
do you see the correct password?

"Dave Mackler" wrote:

> I have Windows 2003, SP1, servers in four locations (sites), all
> workstations are XP, SP2.
>
> Within the last few wqeeks a strange connection problem has starting
> occuring. A workstation suddenly cannot be used to log onto the AD domain.
> The error msg:
>
> The system could not log you on. Make sure your user name and domain are
> correct, then type your password again. Letters in passwords must be typed
> in the correct case.
>
> No one can log on to the domain from that workstation when the problem
> appears, not even domain admins. The only logon available is a local
> account. Nothing has been changed in the domain or on these computers to
> cause this. It has occurred in disparate sites and only one or two
> workstations at a site has been affected. So far we have also discovered
> that moving the workstation to a workgroup, deleting the computer account,
> recreating it and rejoining the domain works for a few days then that
> workstation gets the same error. This has happened on 5 computers so far.
> The only fix we have is to delete the computer account, reimage the
> computer, then join the domain. The same users have no problems logging on
> from other computers.
>
> What could be causing this behavior??
>
> dave admin
>
>
>
>

Similar ThreadsPosted
Preventing RDT connection from outside March 5, 2007, 12:51 pm
terminal service connection September 14, 2006, 6:08 am
Remote Web Connection / Logon To Restrictions December 10, 2005, 1:56 pm
Remote Desktop Connection IP address June 30, 2006, 2:34 pm
IPsec connection can no be established from BOTH endpoints July 17, 2006, 1:22 pm
Connection to a service under Windows 2003 November 4, 2006, 5:08 pm
Seeing Null Share Connection in Eventviewer February 13, 2007, 4:27 am
Trying to set port for Remote Desktop Connection on Win2K3 July 21, 2005, 10:33 am
scheduled task cannot open network connection April 5, 2006, 11:55 am
Connection to a service under Windows 2003 enterprise October 19, 2006, 6:06 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap