Domain not available (Win XP)

Question

Creator

Topic
January 13, 2010 at 7:27 am #2198655

Domain not available (Win XP)

Locked

by lfruchter · about 12 years, 7 months ago

Hey Sages,

I run a fun little network at a public school with Dell XP workstations and a Dell Win Server 2003. I’ve added new Dell laptops and used Dell workstations to our domain with no problem for about a year now. Recently, I thought I’d save some money and get some 8 HP laptops instead of 6 Dells. I’m now trying to integrate an HP 6535b to our network and it’s driving me nuts!

I configured its Windows Wireless Network Connection to work with our DNS server — no problem.

I loaded all our wireless LAN settings into its Broadcom Wireless Utility — no problem; all VLANs are visible and I can surf the WWW.

As the computer’s Administrator, I joined the computer to our domain — no problem; going through Network Places I can get to my server documents and the machine shows up on the server’s list of workstations.

When I try to log in on the laptop as a network user, however, I get the “System cannot log you in because the domain [our school domain] is not available” message.

I plugged an ethernet cable into the laptop and could log in that way. Once the laptop had the network user settings stored from that wired log in, I unplugged the cable and tried to log in wirelessly. The machine let me in as an offline network user and I saw that the Broadcom Wireless Utility showed none of the wireless VLANs that I had loaded as the laptop’s local Administrator.

What gives? On all the Dell laptops I’ve worked with, loading the wireless settings as the Administrator allows access to them for all other users. How do I make this work?

Thanks so much for any help,
Lev in Brooklyn

This conversation is currently closed to new comments.
Creator

Topic

All Answers

Author

Replies
- January 13, 2010 at 7:27 am #3021830
  
  Clarifications
  
  by lfruchter · about 12 years, 7 months ago
  
  In reply to Domain not available (Win XP)
  
  Clarifications
- January 13, 2010 at 8:47 am #3021817
  
  not enough information
  
  by cg it · about 12 years, 7 months ago
  
  In reply to Domain not available (Win XP)
  
  Bottom line is, the wireless clients can’t contact the domain controller and that usually means the client isn’t on the same subnet or doesn’t have the correct DNS server settings.
  - January 15, 2010 at 8:31 am #3021706
    
    Symantec blocks network?
    
    by lfruchter · about 12 years, 7 months ago
    
    In reply to not enough information
    
    Unfortunately, the DNS settings are correct. Remember, the machine joined the network and can connect to the server when I work as the lcoal administrator. Those settings are not carrying over to the wireless login after startup.
    
    One problem MIGHT be Symantec’s new Symantec Endpoint Protection which these laptops have instead of the older version on all my other workstations . This SEP has a feature called “Network Threat Protection” which comes installed in the “On” position. Does anyone know if this blocks automatic network settings?
    
    Thanks again, Lev
    - January 15, 2010 at 8:50 am #3021703
      
      local machine admin account isn’t logging on to domain
      
      by cg it · about 12 years, 7 months ago
      
      In reply to Symantec blocks network?
      
      that’s logging on to the local machine.
      
      To log on to the domain with a domain account, admin or otherwise, you have to authenticate with the AD domain controller. If that isn’t available, you either use cached credentials or you get the message windows can’t log you in no domain controller available.
      
      Usually, getting that error on a workstation means that the workstation can’t find a domain controller [DNS issue] or the workstation doesn’t get an address on the correct subnet. Wrong subnet, no communications.
      
      note: Typically, firewalls operate on the principle that outbound traffic and it’s return traffic is allowed. Inbound traffic is denied.
    - January 20, 2010 at 7:58 am #2836682
      
      Uh Huh
      
      by lfruchter · about 12 years, 6 months ago
      
      In reply to local machine admin account isn’t logging on to domain
      
      Yes, that’s the situation, but given that the DNS settings are correct, why isn’t the laptop using those network settings to locate the domain controller? That’s the problem…
    - January 20, 2010 at 6:42 pm #2836540
      
      Still not enough information.
      
      by cg it · about 12 years, 6 months ago
      
      In reply to Uh Huh
      
      wired works, wireless doesn’t.
      
      given that wireless has security options like encryption type, SSID, user name and password, channel, and even type, you don’t mention anything about this.
      
      What about addressing?
      
      Some people think they are connected to a wireless network when in fact they are not. Seen this many times especially with saved profiles.
- January 15, 2010 at 8:58 am #3021701
  
  AHA!
  
  by kenone · about 12 years, 7 months ago
  
  In reply to Domain not available (Win XP)
  
  Make sure that “Network Threat Protection” is turned off on the server. Otherwise it will “Protect” the server from the clients. Nice, huh?
  - January 20, 2010 at 7:55 am #2836684
    
    NTP on Laptop, not Server
    
    by lfruchter · about 12 years, 6 months ago
    
    In reply to AHA!
    
    Dear Kenone,
    
    Thanks for taking an interest in my woes. Unfortunately, my server runs good old Symantec AV, not this new Symantec Endpoint Protection that’s on these laptops. The SAV on the server doesn’t have any Network Threat Protection features or settings. There’s no reference to that phrase in the Help files and, of course, it still logs in all the older laptops which use the old SAV.
    
    The historically fumble-prone central tech bureaucracy here configures these laptops and locks down certain applications, even if I log in as the local Administrator. I can’t change the NTP settings or remove the SEP through the Add/Remove Programs control panel. Is there a way that I, as the local Administrator, can get into the registry and deactivate the Network Threat Protection settings? I could at least then test whether it’s the SEP that’s causing this problem. Does anyone know how to do that?
    
    Thanks as ever, Lev
    - January 20, 2010 at 8:39 am #2836672
      
      Try asking here
      
      by kenone · about 12 years, 6 months ago
      
      In reply to NTP on Laptop, not Server
      
      http://www.symantec.com/connect/security/forums
      
      These folks can be a big help. I used to spend half my life there before we got rid of SEP.
    - January 20, 2010 at 3:19 pm #2836568
      
      The Motherlode!
      
      by lfruchter · about 12 years, 6 months ago
      
      In reply to Try asking here
      
      Thanks Kenone. That’s a ton of info. Now, if only the bureacratic higher ups will divulge the password, then I can do something about all this.
    - January 21, 2010 at 7:07 am #2836447
      
      ping gateway, server…
      
      by bapster · about 12 years, 6 months ago
      
      In reply to The Motherlode!
      
      I may have missed this, but can you ping the server, and gateway from the laptop (that is connected through the WAP?)
      
      What IP address and gateway are you pulling on the Laptop? Compare these settings to one of the machines that is hard-wired to the network to assure you are on the same subnet/ip range.
- January 28, 2010 at 2:47 pm #3020758
  
  I think it’s Symantec.
  
  by lfruchter · about 12 years, 6 months ago
  
  In reply to Domain not available (Win XP)
  
  Thanks so much for all your interest, everyone. Again, the problem seems to be the laptop’s internal security (Thank you Symantec NTP! Thank you NYC Dept. of Ed.!) preventing the wireless network user from accessing the pre-loaded network settings. There is quite a lot about this on Symantec’s forums. The laptop functions just perfectly when one logs in another way and then accesses the wireless networks. (IP addresses and everything are perfect.)
  
  So unless anyone has some clues for getting around Symantec’s NTP, I’ll let you know how it turns out.
  
  Thanks again,
  Lev
Author

Replies

Viewing 3 reply threads

Start or Search

Start New Discussion

Recruiting a Scrum Master with the right combination of technical expertise and experience will require a comprehensive screening process. This hiring kit provides a customizable framework your business can use to find, recruit and ultimately hire the right person for the job. This hiring kit from TechRepublic Premium includes a job description, sample interview questions ...

Knowing the terminology associated with Web 3.0 is going to be vital to every IT administrator, developer, network engineer, manager and decision maker in business. This quick glossary will introduce and explain concepts and terms vital to understanding Web 3.0 and the technology that drives and supports it.

While the perfect color palette or the most sublime button shading or myriad of other design features play an important role in any product’s success, user interface design is not enough. Customer engagement and retention requires a strategic plan that attempts to measure, quantify and ultimately create a complete satisfying user experience on both an ...

Networks

Question

Domain not available (Win XP)

All Answers

Clarifications

not enough information

Symantec blocks network?

local machine admin account isn’t logging on to domain

Uh Huh

Still not enough information.

AHA!

NTP on Laptop, not Server

Try asking here

The Motherlode!

ping gateway, server…

I think it’s Symantec.

How to recruit and hire a Scrum Master

Web 3.0 quick glossary

How to recruit and hire a User Experience Designer

Industrial Internet of Things: Software comparison tool