Workstation cannot reconnect to domain after reboot

  • Question

  • I have a small network of around 10 workstations connected to a Windows 2008R2 Domain Controller (serves as AD, DNS and DHCP). The workstations are primarily Windows 7, but new Win10 workstations are being added. This network does not have access to internet nor am I allowed to screen cap error logs and send them out. So any error messages I am retyping in. Additionally, I don't have much trained experience with Windows Administration, so any help is appreciated.

    I have a problem with both Win7 and 10 workstations not being able to reconnect to the Domain Controller after a reboot. The workstations were a clean install of the OS and joined (successfully) to the domain. I reboot the machine after the initial joining and successfully re-login to the machine using a Domain Administrator account. If the computer is rebooted after this point (no matter how much later) the machine will log in a local cached copy of the user (in this case the Domain Admin), display a message about the local cached login, but no connection to the domain server will happen. Using ping to attempt to reach the server or switch gives a "General Failure" message.

    The local logs give several errors and warnings around that time:

    Security->Audit Failure - Sensitive Privilege Use

    System->GPO Failures (ID 1129) - Lack of connectivity to DC

    System->DNS Warning (8033) - Failed to register host resource records to network adapter

    System->Distributed COM Error (10016) Permission do not grant Local Activation for COM server application (various GUID) User NT_AUTHORITY\LOCAL_SERVICE SID (S-1-5-19)

    The only way I can reconnect the workstation back to the domain is to go into the Network Adapter Properties->IPv4 Properties and:

    - Switch to Obtain IP Address Automatically

    - Ok to apply and Close Adapter properties

    - Reopen the adapter and IPv4 properties

    - Re-enter the static IP for the workstation and apply

    The network adapter will reconnect to the domain successfully and all logouts/logins after that are successful. However the issue will occur if the computer is rebooted for any reason.

    I have tried:

    - Unchecking the "Register this connection's address in DNS" in the Network Adapter->IPv4 Properties->Advanced

    - Adding the Server to the A record in DNS (https://www.experts-exchange.com/questions/29003228/DNS-Issue-The-system-failed-to-register-host-A-or-AAAA-resource-records-RRs-for-network-adapter-with-settings.html)

    - ipconfig /flushdns (https://social.technet.microsoft.com/Forums/windows/en-US/0100acd8-b7c8-416a-bd62-af92c92b259f/dns-client-server-event-8027-and-8033?forum=w8itprogeneral)

    - I have looked through Group Policies, as this seems to occur after domain policies are applied, but this has not been exhaustive

    Thursday, September 20, 2018 3:49 PM

All replies

  • I'd check the domain controller and problem members have the static address of the DC listed for DNS and no others such as router or public DNS

    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Thursday, September 20, 2018 3:52 PM
  • In addition to Dave's answer,

    I would check if a rogue DHCP server is present. When the error occurs please run an ipconfig /all and check if the DHCP server listed is your server. Often some access point or such gear can answer DHCP requests and will make your computer not see the domain correctly.


    Regards, Philippe

    Thursday, September 20, 2018 4:25 PM
    Moderator
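
The two checks suggested above (the DC as the only DNS server in the connection properties, and the DHCP server shown by ipconfig /all being the expected one) can be run together on an affected workstation. This is an added example, not part of the original thread; the function name Test-AdapterConfig is hypothetical and 192.0.2.10 is a placeholder for the domain controller's address.

```powershell
# Added example. 192.0.2.10 is a constructed placeholder for the DC's address.
$ExpectedDns  = @('192.0.2.10')
$ExpectedDhcp = '192.0.2.10'

function Test-AdapterConfig {
    param($Adapter, [string[]]$ExpectedDns, [string]$ExpectedDhcp)
    $findings = @()

    # An address in 169.254.0.0/16 means no lease and no usable static address.
    foreach ($ip in @($Adapter.IPAddress | Where-Object { $_ -like '169.254.*' })) {
        $findings += "APIPA address $($ip) assigned"
    }

    # Every resolver on a domain member should be a domain DNS server.
    $dns = @($Adapter.DNSServerSearchOrder | Where-Object { $_ })
    if ($dns.Count -eq 0) { $findings += 'No DNS servers configured' }
    foreach ($server in $dns) {
        if ($ExpectedDns -notcontains $server) {
            $findings += "Unexpected DNS server $($server)"
        }
    }

    # With DHCP enabled, the lease must come from the known server.
    if ($Adapter.DHCPEnabled) {
        if (-not $Adapter.DHCPServer) {
            $findings += 'DHCP enabled but no DHCP server recorded'
        } elseif ($Adapter.DHCPServer -ne $ExpectedDhcp) {
            $findings += "Lease from unexpected DHCP server $($Adapter.DHCPServer)"
        }
    }
    return $findings
}

# Constructed sample mirroring the state reported in the thread.
$sample = New-Object PSObject -Property @{
    Description = 'Sample adapter (constructed)'; IPAddress = @('169.254.71.60')
    DNSServerSearchOrder = @('192.0.2.10'); DHCPEnabled = $true; DHCPServer = $null
}
# Live adapters on this machine (WMI class works on Windows 7 and 10).
$live = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE')

foreach ($a in @($sample) + $live) {
    $result = @(Test-AdapterConfig $a $ExpectedDns $ExpectedDhcp)
    if ($result.Count -eq 0) { $result = @('OK') }
    "{0}: {1}" -f $a.Description, ($result -join '; ')
}
```

Running it once right after a reboot and again after the adapter has been reset shows whether the adapter settings themselves differ between the failing and working states.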
  • Enabling DHCP on the Network Adapter (after reboot and issue) gives the 169.254.71.60 automatic IP address (invalid). DNS servers are listed but the DHCP is not listed.
    Thursday, September 20, 2018 4:47 PM
  • This just means there are no operational DHCP servers on the network. In that case you can assign a static address on the same subnet but make sure DNS is correct (as mentioned previously).

    Regards, Dave Patrick ....

    Thursday, September 20, 2018 4:49 PM
  • I checked the DNS records and there were discrepancies between the DNS and DHCP IP addresses. Static addresses were unique, except those listed with (Same as parent). I cleaned out the DHCP records and enabled scavenging in the DNS (MS recommended). However, after cleanout and reboot, the issue still remained.

    Question:

    When you say "no others", should there be a static IP listed with the workstation hostname (host1.nerd.net) and (Same as Parent) listed in DNS or just the (Same as parent)?


    • Edited by Sraivyn Thursday, September 20, 2018 4:54 PM Added additional information
    Thursday, September 20, 2018 4:51 PM
  • When you say "no others", should there be a static IP listed with the workstation hostname (host1.nerd.net) and (Same as Parent) listed in DNS or just the (Same as parent)?

    I'm talking about the network connection properties.

    Regards, Dave Patrick ....

    Thursday, September 20, 2018 4:52 PM
  • All other network connections on server are disabled.
    Thursday, September 20, 2018 5:08 PM
  • DNS had an old server listed as a forwarder, removed and updated the forwarder list.
    Thursday, September 20, 2018 5:52 PM
  • Please run;

    • Dcdiag /v /c /d /e /s:DCName >c:\dcdiag.log
      (please replace DCName with your domain controller's netbios name)
    • ipconfig /all > C:\dc1.txt
    • ipconfig /all > C:\client.txt
    • then put files up on OneDrive and share a link.

    Regards, Dave Patrick ....

    Thursday, September 20, 2018 6:14 PM
  • Unfortunately moving anything from this network is not allowed. After running the dcdiag command you listed, there was an error in the report for an invalid DNS forwarder that was pointing to an old server. Attempting to update the Forwarder and trying again.
    Thursday, September 20, 2018 6:52 PM
  • Forwarders would have nothing to do with this. Unfortunately without diagnostics this is out of scope for forums support. I'd start a support case here.

    https://support.microsoft.com/en-us/gp/contactus81?forceorigin=esmc&Audience=Commercial&wa=wsignin1.0

    Regards, Dave Patrick ....

    Thursday, September 20, 2018 6:55 PM