Windows
Oct 9, 2006
My Digital Life Editorial Team
17 Comments
Delicious Delicious

Unable to Logon to Win2003 Domain AD Due to Windows Cannot Connect to the Domain Error

The computer and user account has been created and existed in a Windows 2003 domain Active Directory (AD) where a domain controller (DC) running Microsoft Windows 2003 Server opeating system. However, you may encounter the following error message when a domain user tries to autheticate and logon to the domain from a workstation which can be running on Windows XP (with or without SP2) operating system or any other OS:

Windows cannot connect to the domain either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. If this message continues to appear contact your System Administrator for assistance.


The symptom or error may appear when a PC is replaced with another computer with the same computer name without first deleting the duplicate computer name from the domain Active Directory service before joining the new workstation to the domain with that duplicate name. The symptom may appear immediately or after a few successful log-ons. The cause of the error will probably due to security identifier (SID) issues. Another possible cause for the error is that the computer account for the workstation is accidentally deleted.

The resolution and workaround to solve the above error in above condition is as below.

  1. Login to the Windows 2003 domain controller, and delete the computer account object from the Active Directory by using Microsoft Management Console (MMC) which you can always access from “Manage Your Server”.
  2. Log-in to the PC workstation as local administrator. If you cannot logon as local administrator, try to unplug the network cable and logon to the computer by using a domain administrator user that used to logon on the PC before, by using cached logon credentials feature.
  3. Go to Control Panel, then click on System icon, then go to Computer Name tab.
  4. Unjoin the computer from the domain by clicking on “Change”. You should see that Domain button is now selected. Remember your domain name in the text box. Select (Click) on “Workgroup” to remove the computer from the domain, and put any workgroup name in the text box (e.g. workgroup).
  5. Click OK to exit.
  6. Restart the computer (optional)
  7. Go back to the Control Panel, launch System properties and then go to Computer Name tab, and click on “Change”.
  8. Rejoin the domain by uncheck the Workgroup button and select (check) Domain button, and put in the domain name noted above into the text box.
  9. Click OK to exit.
  10. Reboot the PC.

This should solve the unable to logon to domain error, without changing or losing the user profiles on AD.

Related posts:

  1. Group Policy Login or Logon Scripts Not Running, Not Working or Not Executing
  2. Unable to Map (Net Use) LPT1 in Windows XP
  3. Host Your Domain Email with Google on Gmail Technology
  4. Windows Update or Office Update Encounters 0×80070643 Failed Update Error
  5. PHP Parse Error: syntax error, unexpected $end

17 Comments

  • TJ Botten April 8, 2011 at 4:57 am

    If you have ISA running on server 2003 SBS don't forget to check the RPC filter, for some reason it wont allow connection when connecting with Win7 64-bit. Disable it until you are on the domain and then re-enable it.

    Reply
  • rahul March 6, 2011 at 12:03 am

    this solution is temporary. i need a permenant solution for better envoirnment. people came back to me for same issue.What is the actual issue ?

    Reply
  • Sam June 16, 2010 at 5:24 am

    rahmath ali,

    You should be able to see the profiles listed. You will need to search within the name you used when logging in if you browse to

    C:WindowsApplication DataOutlook Express{GUID}

    or

    C:Documents and SettingsUserLocal SettingsApplication DataIdentities{GUID}MicrosoftOutlook Express

    Depends on what version of Windows…

    - Sam

    Reply
  • rahmath ali June 15, 2010 at 6:49 am

    Hi,

    I did this fix, but I forgot to delete the account from AD, and I tried this solution, but I lost my profile when I logged in again.

    specially I lost my outlook express account which, I am using as external mails.

    Any one there to help me to get back my profile.

    Waiting for a quick reply.

    Thanks In advance.

    SYED

    Reply
  • Eric May 13, 2010 at 2:00 am

    Un-joining and re-joining the domain worked for me! Thanks!

    Reply
  • Leslie York April 30, 2010 at 8:41 am

    I've rebooted after changing from the domain to the workgroup and used the example workgroup name. Now I can't log on to the machine AT ALL. Before trying this fix, I could get on if I disconnected my network cable. Now I can't even logon while disconnected. Thanks for making my problem worse!!

    Reply
  • Malcolm March 24, 2010 at 4:07 pm

    Shane you probably have that computer and another computer with the same name on the domain. Try taking it off the domain and giving it a different name but make sure you add the name in your directory. Then, add it back to the domain. Hope this helps.

    Reply
  • Desdemona February 20, 2010 at 8:30 am

    If the problem keeps on reoccuring then check ADUC for matching DNS names. I don't know how your naming system works, but its easy for me to search for possible matches since we use the computers S/N in the name (part of it). I had that problem with a workstation and found a bogus name in ADUC that was similar and had the exact same DNS name.

    We have a large number of workstations and quite a few techs of different levels working on them, so sadly this is not a completely isolated event.

    Reply
  • Richard November 4, 2009 at 5:38 am

    John presumably feels very high and mighty now, but should probably consider that not everyone who experiences this problem is dealing with a simple Windows XP Pro box. Try involving centrally managed thin clients, perhaps with firmware refreshing going on, and see if you should be the one researching a new profession.

    Reply
  • john smith March 18, 2009 at 3:08 am

    lol, you can just unjoin the pc from the domain and rejoin. That will fix this issue. He/she is correct about the DC as the problem just not the fastest solution to the fix. If you spent more than 5 min on this problem time to look for a new profession. Have a good one!!

    Reply
  • Pete February 4, 2009 at 6:25 am

    AWESOME! Like another poster I burned about an hour and a half before finding this fix. Rock on!

    Reply
  • Garth January 4, 2009 at 2:31 am

    I am too tired …. five days later …. but thankyou, thankyou, thankyou …. it worked ! F*@!ing Microsoft !!!!

    PS. It shouldn't be this hard!

    Reply
  • soscode October 22, 2008 at 1:08 am

    i had same issue with shane.

    Reply
  • Nick August 18, 2008 at 3:28 pm

    Worked great for me! Could have been a huge issue. It was our Terminal Server that had the issue (aprox 50 users) so it would have been a hell if I had not found this before the next work day. Hopefully I don't have the re-occurring issue like Shane above me has posted…

    Many Thanks!

    Reply
  • Shane March 27, 2008 at 8:14 am

    I did this fix and it work for a little while but then after about a week the same user came back with the same issue. I've rejoined the same computer from the domain many times befroe but it keeps coming back. Any one have any ideals?

    Reply
  • Alex January 31, 2008 at 2:31 pm

    Thank you for this great tip. I only burned 2 hours before I found this.

    Reply
  • ian December 28, 2007 at 4:30 am

    nice one – this helped me loads – you are the bomb

    Reply

Leave a comment

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Subscribe

Free email subscriptions
Get latest updates in email for free:

Translate This Page