locked
Wireless laptops got thrown out of the domain frequently RRS feed

  • Question

  • 2008R2 Server

    Windows 7 DellLaptops

    WIFI in all rooms.

    Wireless laptops got thrown out of the domain frequently. I know how to place them back, but that's no sollution.

    I'd like to know the real reason, so I can change the fact that they are thrown ou tof the domain and I don't need to travel to all locations solving this irritating problem.

    In every room there is WIFI and approximatily 5-10 laptops using WIFI. The desktop PC's have no problem at all. They are connected through a wire.

    I hope someone can give me a few good leads, or just the solving lead ;)

    Ben.


    Ben van der Meer

    Saturday, June 2, 2012 6:27 AM

Answers

  • Hello,

    no, the way to handle it is:

    1. built master machine and also keep an eye on this article about SUSClientID which must be configured either http://support.microsoft.com/kb/903262

    2. prepare for using sysprep with answer files

    3. run sysprep and shutdown

    4. use Ghost to built the image

    5. install the image and boot the machine, now sysprep will use the answer file and follow the specifications in it, if configured including domain join


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Monday, June 4, 2012 5:56 AM

All replies

  • Wireless laptops got thrown out of the domain frequently

    I Presume the network is getting disconnect from the laptop. If yes what is the error message on the laptops, Area there any events getting logged on the laptops?

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Saturday, June 2, 2012 6:33 AM
  • Hi,

    Please let us know what error that you get once laptop's loosing connection from domain, that helps us to narrow down the issue. However please check the following link and correct settings if you messed wireless configuration.

    http://technet.microsoft.com/en-us/library/dd145310(v=WS.10).aspx

    http://technet.microsoft.com/en-us/library/cc778180(v=WS.10).aspx

    http://technet.microsoft.com/en-us/library/cc773359(v=WS.10).aspx

    All the best.

    Saturday, June 2, 2012 10:15 AM
  • To be complete, the trust relationship between the domain and the machine is not there anyone.

    THat's what I get. It's at a primary school and the teachers don't really read messages (like most users, by the way).

    So I never heard about an error message and realy don't see anything in the event viewer.

    I know 3 laptops I fixed (the wordkaround) and there numbers and I'll monitor them coming week.

    But of the 50-75 laptops they have, every week about 4 loose there trust relationship.

    Rejoin them is no solution, just a workaround is my oppinion.

    I'd like to know what's the real source of the problem, so there can be a constructive solution.

    Regards,

    Ben.

    | MCITP Server Administrator on WIndows Server 2008

    | MCITP Enterprise Administrator on WIndows Server 2008

    | MCITP Virtualization Administrator on WIndows Server 2008 R2

    | MCITP Enterprise Desktop Administrator on Windows 7

    | MCITP Enterprise Desktop Support Technician on WIndows 7

    | Small Business Specialist

    | MCTS SMAll Business Server 2008, configuration

    | Microsoft Certified System Associate Windows Server 2008

    |and more ...


    Ben van der Meer

    Saturday, June 2, 2012 1:27 PM
  • Got it!!!

    How the laptop OSes are prepared/installed? Seems to be a issue with Duplicate SID in AD.

    Error :Trust Relationshitp between Workstation and Primary Domain failed mainly occurs due to following reasons.

    1. Single SID has been assigned to multiple computers.
    2. If the Secure Channel is Broken between Domain controller and workstations
    3. If there are no SPN or DNSHost Name mentioned in the computer account attributes
    4. Outdated NIC Drivers.

    I have a techwiki on this , Please refer it

    http://social.technet.microsoft.com/wiki/contents/articles/9157.trust-relationship-between-workstation-and-primary-domain-failed-en-us.aspx

    If machines are having duplicate SID then use Sysprep to assign new SID for them (refer the above link for details)

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Saturday, June 2, 2012 1:43 PM
  • Hello,

    trust relationship problems often belong to machines that are created from an image that is NOT prepared with sysprep. Another option is that DNS settings are not correct with using ONLY the domain DNS servers on the NIC.

    For DNS check please post an unedited ipconfig /all from the DC/DNS servers and one machine with problems.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Saturday, June 2, 2012 2:48 PM
  • Hi there,

    Laptops are  made with Ghost (historical issue overthere and the System Owner just wants it this way ...)

    The image is a machine with a workgroup and later on the name is changed and the laptop is joined to the domain.

    The strange thing I find about this case is, that it's more than one machine that needs a new rejoining and that today this one and for example next week the other one needs rejoining. There is absolutely no consistency to be found. 

    So, if I understand it,   the best way to work is,

    1. Use Sysprep

    2. Check if the domain DNS servers are set right

    Than the issue should be resolved.  Let me know if I'm right, than I'm going to do this and monitor the school coming week.

    Yours,

    Ben.


    Ben van der Meer

    Saturday, June 2, 2012 3:50 PM
  • Hello,

    there is no problem with using Ghost for the images, if you stick to the Microsoft policy.

    "The image is a machine with a workgroup and later on the name is changed and the laptop is joined to the domain"

    This is not enough, it MUST be prepared with sysprep to keep also support from Microsoft.

    http://support.microsoft.com/kb/314828 http://support.microsoft.com/kb/828287

    How sysprep works http://technet.microsoft.com/en-us/library/dd744512(WS.10).aspx

    For the existing machines you should also run sysprep which of course removes data on the client, just check the article.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Saturday, June 2, 2012 4:10 PM
  • Hi there,

    So,

    1. Ghost image

    2. sysprep

    3. join the domain

    And if I'm correct ghostwalker is not supported ?

    They all are Windows 7-32 bit machines by the way, no XP machines, as in the article.

    I do know how sysprep works and what it does.

    By the way, can easy transfer be used to put back the data of the existing and newly installed (using sysprep) machines ?

    If so, I think I'll install 10 laptops in the new way, so I can monitor if the issue is resolved and I have a real resolution.

    Should be great, Because there are people that need to be convinced !

    Yours,

    Ben.

     

    | MCITP System Administrator on WIndows Server 2008

    | MCITP Enterprise Administrator on WIndows Server 2008

    | MCITP Virtualization Administrator on WIndows Server 2008 R2

    | MCITP Enterprise Desktop Administrator on Windows 7

    | MCITP Enterprise Desktop Support Technician on WIndows 7

    | Small Business Specialist

    | MCTS SMAll Business Server 2008, configuration

    | Microsoft Certified System Associate Windows Server 2008


    Ben van der Meer

    Saturday, June 2, 2012 5:09 PM
  • Just one thing came to my mind ...

    The strange thing, by the way, still is that this only happens with laptops.  Desktops have no problems.

    The way we do them are the same, still only laptops have issues.

    Yours,

    Ben.

    | MCITP System Administrator, Enterprise Administrator, Virtualization Administrator 

    | MCITP Enterprise Desktop Administrator on Windows 7, Enterprise Desktop Support Technician on WIndows 7

    | Small Business Specialist, SmAll Business Server 2008, configuration

    | Microsoft Certified System Associate Windows Server 2008


    Ben van der Meer

    Saturday, June 2, 2012 5:17 PM
  • Hello,

    no, the way to handle it is:

    1. built master machine and also keep an eye on this article about SUSClientID which must be configured either http://support.microsoft.com/kb/903262

    2. prepare for using sysprep with answer files

    3. run sysprep and shutdown

    4. use Ghost to built the image

    5. install the image and boot the machine, now sysprep will use the answer file and follow the specifications in it, if configured including domain join


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Monday, June 4, 2012 5:56 AM
  • Just one thing came to my mind ...

    The strange thing, by the way, still is that this only happens with laptops.  Desktops have no problems.

    The way we do them are the same, still only laptops have issues.

    Yours,

    Ben.

    Hello,

    then you can be lucky not having problems until now.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Monday, June 4, 2012 5:57 AM
  • Hi there,

    I talked to my colleages and heared that the laptop were thrown out of the domain at the moment when the laptop connects through WIFI and discovers a network where you choose for home,  public or domain.  Here we always choose for domain, but after that the trust relationship of the machine is broken and the Sh.. hits the van...

    after teelling you this, could there be an other reason ?  Problems don't happen in XP, only in Windows 7 and  using the laptops with WIFI.

    Maybe someone got an other idea ? I also start the sysprep-thing with 10 laptops to see if it helsp.

    Thanks for your input.


    Ben van der Meer

    Monday, June 4, 2012 8:28 PM
  • Ben ,

    Trust relationship occurs mainly due to ,

    • Single SID has been assigned to multiple computers.
    • If the Secure Channel is Broken between Domain controller and workstations
    • If there are no SPN or DNSHost Name mentioned in the computer account attributes

    As posted in my previous link, Apart from this I dont see any other reason for this error message. Please Use sysprep tool and check.

    I would recommend you to perfrom the troublshooting which are meantioned in the below article

    http://social.technet.microsoft.com/wiki/contents/articles/9157.trust-relationship-between-workstation-and-primary-domain-failed-en-us.aspx

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Tuesday, June 5, 2012 6:19 AM