Re: Can't login the morning after.

From: Roger Abell [MVP] (mvpNOSPAM@asu.edu)
Date: 08/17/02


From: "Roger Abell [MVP]" <mvpNOSPAM@asu.edu>
Date: Sat, 17 Aug 2002 00:24:57 -0700

Bruce,

If you are able to log in to one of the machines when
it is showing this problem, or if you log in then with
a local admin, try issuing in cmd
net stop dnscache
net start dnscache
and then try logoff/login with domain credentials.
This should have reset the DNS resolver to using
the first listed DNS server and fully reinitialized it.
Also, it would be interesting to know the differences
seen by issuing at cmd
netdiag
comparing result from when system is and is not
exhibiting the problem.
(netdiag is from installing the support tools from
the CD)

--
Roger Abell
MS MVP (Windows Platform), MCSE, MCDBA
Associate Expert - Windows XP ExpertZone
http://www.microsoft.com/windowsxp/expertzone
"Bruce A. Knack" <bknack@removeme.fin.uoguelph.ca> wrote in message
news:235701c243bc$be856100$35ef2ecf@TKMSFTNGXA11...
> Hi Roger:
>
> 'Restart' and 'reboot' both refer to the same thing.
> Windows XP's Shut Down dialog uses the word 'Restart'.
> NetBT is disabled in the TCP/IP properties. Microsoft
> Networking, File and Print services are turned on.
>
> In short, the situation is as you surmised. I still think
> that something to do with DNS has "timed out" or "become
> stale" as the machine sat idle overnight (running but not
> logged in). Thus, a reboot would "reset" this timer (or
> timers) and produce a clean log in.
>
> One other symtom that is seen when the user tries to log
> in is a message box saying:
>
> The system cannot log you on now because the domain XXXXXX
> is not available.
>
> I am going to load a few machines up with an AT command
> designed to reboot them at 6:00 AM. I am willing to be
> donuts to dollars that they will login fine in the morning
> around 8:30 AM. We'll see.
>
> Any other advice or speculation would be greatly
> appreciated!
>
> Cheers,
> Bruce.
>
> >-----Original Message-----
> >Bruce,
> >
> >Let us know if what Bruce offered is informative to your
> >problem, but it actually sounds to be the exact opposite.
> >You say, all is good freshly after a reboot.
> >
> >Comments are inlined . . .
> >"Bruce A. Knack" <bknack@removeme.fin.uoguelph.ca> wrote
> in message
> >news:1e0201c24308$74be8ec0$a4e62ecf@tkmsftngxa06...
> >> Hi everyone:
> >>
> >> Here's the scoop:
> >> 1 Windows 2000 server and a slew (about 50) Windows XP
> >> Pro workstations. Each night we RESTART the
> workstations.
> >> In the morning, most of them won't login (actually, it's
> >> more accurate to say that they take forever to do so
> >> after which the network drives aren't connected
> properly).
> >>
> >> If we reboot them first, they login in nice and fast
> with
> >> proper working network drives.
> >>
> >
> >OK - so I am left no knowing what is a "Restart" if it is
> >something different from a reboot.
> >
> >> Each workstation has netbios turned off, and uses no
> WINS
> >> addresses or LMHOST file.
> >>
> >
> >I am sort of curious what you mean by netbios turned off,
> >as in the disabling of NetBT in the Tcp/Ip properties, or
> as
> >in not having Microsoft Networking, File and Print
> installed?
> >
> >This should be a workable approach provided you have
> >no apps dependent on NetBIOS.
> >
> >> Each workstation has one and only one DNS entry to the
> AD
> >> server (which runs its own DNS and points to itself
> >> only).
> >>
> >
> >Great, and as it should be with one DC.  However, this
> >does not guarantee all is well.  Is the AD supporting zone
> >enable for dynamic updates or otherwise forced to contain
> >the AD supporting DNS resource records.
> >
> >> I suspect that the workstations might be more that 5
> >> minutes out of sync with the server causing kerberos
> >> problems but I haven't confirmed this.
> >>
> >
> >They should be automatically sync'ing to the DC.  In an
> >multi-DC domain they would sync to the PDC emulator.
> >
> >> Anyway, maybe the problem is a little less bizzare. What
> >> do you think?
> >>
> >
> >I would run netdiag when logged into a DC, and then also
> >when logged into a member machine.
> >This may give some hints.  I would also see whether dcdiag
> >gives any hints.
> >
> >What you describe, at least if I make assumptions about
> >what a non-reboot restart is, sounds exactly like the
> behavior
> >seen when the client is configured with multiple DNS
> servers,
> >some of which are not aware or the AD supporting DNS zone
> (s).
> >But, you have ruled this out.  With all NetBT disabled,
> everything
> >should be able to shift to being direct hosted on port
> 445 and to
> >using DNS location services - which apparently is the
> case at
> >first after a reboot.
> >
> >> I'm desparate since our NT 4 network ran hitchless for
> >> years and this is making me look like a putz. Can you
> >> say "back to NT 4 on the server??"
> >>
> >Yes, although it is round-about, if you have not yet
> switched
> >the domain to being in native mode.  IOW you can revert
> the
> >domain to NT 4 but you would need a second machine to
> >use as a BDC (to be PDC) in order to do this.
> >
> >> Cheers and TIA!
> >> Bruce.
> >
> >HTH
> >--
> >Roger Abell
> >MS MVP (Windows Platform), MCSE, MCDBA
> >Associate Expert - Windows XP ExpertZone
> >http://www.microsoft.com/windowsxp/expertzone
> >
> >
> >
> >.
> >