Symptoms: The primary purpose of logging on with cached credentials is to enable you to access the local workstation. However, if you have logged on by cached credentials, you may be unable to access network resources because you have not been authenticated. For example 1) after you log on to a w2k/xp laptop by using cached credentials, you may be unable to access the network resources. This issue is commonly experienced by laptop users whose computer resides in a Windows Server domain and who log on to the computer by using cached credentials prior to being able to establish a remote access connection. 2) You log on to a w2k/xp laptop with a domain logon option in a workgroup network. After you establish the connection and you try to map the network drives, the operation may be unsuccessful, and you may receive the following error message: "System Error: (1311) There are currently no logon servers available to service the logon request."

I have a windows 2000 professional laptop workstation. I used to belong to a domain on my network, but I recently
changed by network settings to belong to a workgroup. Once I restarted my machine, it won't let me log into windows 2000 at all! The error says wrong user name or domain. For some reason, I think it's trying to access the domain - even though I don't belong to it anymore. Even when I'm not connected to the network, I cannot log into windows 2000 at all. How can I get into windows 2000? How can I change this?!

A: After changing the domain to a workgroup, only the member of local administrators can logon the computer. the resolutions: 1. logon the local administrator to local computer and add the users. 2. If you don't have the administrator password, you may need your network administrator to help you.

Symptoms: When attempting to logon w2k/XP with domain logon option at workgroup network, you may receive "No Windows domain controller is available..." message and not be able to log on the workgroup network by using cached credentials.

Resolutions: To resolve this problem, obtain the latest service pack for W2K/XP.

Symptom: 1. When trying to move the computer off of the domain and into a workgroup the following error message is displayed, "The computer could not be removed from the domain <domain name>. The revision level is unknown." 2. You may receive the same error when remove a client from the domain.

Causes: 1. You are logging on local user instead of a domain a administrator. 2. The registry keeps some old or other domain information need to be cleaned.

SYMPTOMS: After you install the Windows Internet Name Service (WINS) component, you may not be able to gain access to the WINS database on the local WINS server. When you try to gain access to the WINS database, you may receive the following error message: "Cannot find the WINS server", "The WINS server you specified cannot be located", "The WINS server might be down, there might be network problems, or the WINS service might not be installed", and "The network path was not found".

RESOLUTION: When WINS Manager starts, it tries to contact the File Server service on the WINS server. Specifically, WINS Manager checks for NetBIOS suffix 20 on the WINS server. If File and Printer Sharing is disabled, it disables the File Server service and NetBIOS suffix. You must have File and Printer Sharing enabled to use WINS.

SYMPTOMS: When trying to join a Win2K/XP computer to a domain, you receive the following error message: The following error occurred when attempting to join "domain name". The network path was not found.

RESOLUTION: 1) make sure you are using an correct IP for the DNS. 2) make sure you have correct DNS and WINS server on your network. 3) try to enable NetBIOS over TCP/IP on Win2K/XP if this is NT domain controller.

Can't join or logon domain

Symptoms: When attempting to join a domain, you may receive one of the following error messages 1) "The following error occurred attempting to join domain "example.com": The network location cannot be reached."
2) "Network path not found."
3) "The remote computer is not available."
4) "The domain name "Domain" is either invalid or doesn't exist."
5) "The specified domain either does not exist or could not be contacted."

Resolutions: 1) Make sure the File and Print Sharing for Microsoft Networks option is not enabled on the Windows 2000 domain controller.
2) If you receive "Network path not found.", it is possible you are using an incorrect IP for the Domain Name Service (DNS) server. Make sure you have correct DNS and WINS settings. You also can use nslookup or ping to check if the client points to the correct DNS.
3) If you get "The specified domain either does not exist or could not be contacted", check if there is network protocol installed on the computer.
4) If you try to join the domain by using the NetBIOS domain name, you are successful but not the fully qualified domain name (FQDN) of the domain, and receive "The following error occurred attempting to join domain "example.com": The network location cannot be reached." To fix this problem, enable the TCP/IP NetBIOS Helper Service is not running on the client computer.
5) If WINS is not enabled on the computer and the computer is located in different TCP/IP subnet than the NT 4.0 PDC, you can configure the computer to use the LMHOSTS file for NetBIOS name resolution.
6) If you have two NICs in the client, make sure that you can ping DNS server.

Symptoms: 1. when upgrading driers or SP, the computer crashes and stops rebooting. After fixing or using last good to restore it, you may be able to logon using cache credentials, can't access the network.
2. You can't logon the network randomly (sometimes works while another time doesn't wok).
3. You may logon by using cache credentials, but you can't browse any networking computers.
4. Net view command doesn't show any list.
5. Logon doesn't run logon batch file.
6. Browstat status command shows no Master Browser.

Resolutions: to fix this problem, you may need to combine the following resolutions, for example, applying SP and then re-join the domain.
1. Make sure Computer, Server, TCP/IP Helper and Workstation services are running.
2. Make sure you point to the DNS on TCP/IP settings.
3. Check DNS and WINS servers and make sure correct settings and records.
4. Check the hardware settings such as duplex and NIC driver.
5. Use static IP to test it.
6. Remove it from the domain and re-join it.
7. Apply or reapply SP.

Can't join or logon NT Domain

Symptoms: 1) When attempting to join or logon a domain, you may receive "The specified domain either does not exist or could not be contacted" message. 2) When attempting to use the net view command from the client, you receive the following error message: "System error 53 has occurred. The network path was not found." Also, if you attempt to ping by name from the computer does not work. Pinging by IP address does work. 3) Or you may receive "The Specified Domain Either Does Not Exist or Could Not Be Contacted "

Resolutions: 1) If you have WINS server, check the WINS settings on the domain and clients.
2) If you don't have WINS, enable NetBIOS over TCP/IP.
3) Some third-party DNS servers have been known to cause this problem.
4) If network configuration requirements make it impractical to enable NetBIOS over TCP/IP, one possible workaround is to install a new protocol, such as NetBEUI, on both the client and the server.
5) If WINS is not enabled on the computer and the computer is located in different TCP/IP subnet than the NT 4.0 PDC, you can configure the computer to use the LMHOSTS file for NetBIOS name resolution.

Can't join XP clients to a NT domain

Symptoms: 1. When attempting to join a Windows XP Pro computer to a NT domain, you may receive the following error message: The following error occurred validating the name "domain name". The specified domain either does not exist or could not be contacted.
2. When attempting to use the net view command from the Windows XP Pro computer, you may receive the following error message: System error 53 has occurred. The network path was not found.
3. You can ping the server by IP address but when you ping it by name from the Windows XP Pro computer, it does not work.

Resolutions: 1. Setup WINS server or check the WINS settings.
2. If you don't have WINS, enable NetBIOS over TCP/IP (NetBT) on the workstation.

Copying User Accounts

When you create user accounts that contain many configured attributes, and those attributes are similar from one user account to the next, you may want to use Copying User Accounts feature. To do this, you can create a template user account that contains mandatory attributes and the optional attributes that are similar from one user account to the next or simply right-click on a user account you want to copy, and select copy to create a new user.

Symptoms: when you attempt to change the domain or workgroup name, you may find it is gray out and can't make the change.

Cause: you can't make change under Computer Name if this is DC. You should use dcpromo to do so.

To use a laptop to access to different domain without changing the domain settings, logon local machine (instead of domain) using your domain logon ID that also are created on your local computer. If it is possible, you may create the same logon id and password on all domain so that you always are able to access the domain you are connecting to. Also you may want to create one batch file like logon.bat with domain logon ID and password to map network drives.

When you try to change the network information to a domain comptroller, you find the Network ID and Properties buttons will not be available. The way to change the network information on a domain controller would be to demote the controller to a member server, change the necessary information, and then promote the server back to a domain controller.

If you would like to check who is logging on a particular PC in the (same subnet) network, you can use command nbtstat -a computername. That will show NetBIOS Remote Machine Name Table such as username, <03>, type and status.

If you have a laptop used at home and sometimes used in the office, you would like to map a network drive without logon the domain, you can create a batch file like that “net use h: \\ervername\sharename password /user:domainname\username".

To synchronize the time on all the computers in a network, create a logon script and use net time command, for example, net time \\computername /set /yes.

As a network consultant, I work on different network every day and need to switch network settings such as IP and DNS accordingly. Fortunately, W2K/XP comes with a useful tool, netsh.exe, that can switch network settings quickly. To copy abc.com network settings, type command netsh -c interface dump >c:\abc.txt. The abc.com network settings will be saved at the root of the C drive. You can create as many network settings as I like. When you work at abc.com next time, you will load the settings by typing netsh -f abc.txt command and the abc.com network settings will take effect immediately.

To verify if you are logging on to the domain and which server you are logging on, at a command prompt, type set, and then press ENTER. Look for the LOGONSERVER entry. If it is set to the name of your computer, you were logged on using cached domain credentials. If you are logging on the domain, the LOGONSERVER entry is set to one of the domain controllers.

A: You as an Administrators can configure an internal time server as authoritative by using the net time command.

You can also configure the Time Service on the AD to recognize an external Simple Network Time Protocol (SNTP) time server as authoritative. Use the following net time command: net time /setsntp:server_list. Note: 1) The United States Naval Observatory runs several SNTP time servers that are satisfactory for this function, for example, ntp2.usno.navy.mil (at 192.5.41.209) and tock.usno.navy.mil (at 192.5.41.41). 2) that SNTP uses User Datagram Protocol (UDP) port 123. If this port is not open to the Internet, you cannot synchronize your server to Internet SNTP servers.

After you set the SNTP time server as authoritative, run the following command on computers other than the domain controller to reset the local computer's time against the authoritative time server: net time \\servername /set /yes.

Q: I have an isolated Windows 2000/NT domain for I/O testing. I want to change TIME on one of my W2K server; however after approx. 30min. the TIME of this server was reset back to my domain time.

A: You can disable the 'Windows Time' service on the computer you don't want to update.

After you changed net use I: \\serverA\shared to \\serverB\shared in your logon script, some windows 2000 machines are still mapping to \\serverA\shared. The reason is that net use /persistent:yes is default settings for NT and win2000/XP. You can disconnect the old mapping and re-logon. That will map to \\cbgntB\shared. Also you may want to use NET USE I: \\servername\folder /persistent:no so that next time when we change the mapping, it will automatically map to the new settings.

Problem with License Manager
I have followed the instructions in Q153140 and Q194065 on how to reset License Manager information. Two days later, I am getting warnings in my Event Logs that my Windows Server is out of licenses. Its finding ghost users that have been deleted from my system for 3-4 years How do I really delete their licenses and make them stop coming back?

A: Many people have reported the same problem. You may want to disable the License Manager and manage the licenses manually.

A: Symptom: when copying files from a client computer to W2K domain controller, network performance is slower. You may notice this problem occurs only if you copy many small files but not copy a few large files.

Resolution: 1) apply SP3 on the W2K domain controller; 2) edit the TcpDelAckTicks registry value to adjust the TCP delayed ACK timer (refer to MS Q321098).

SYMPTOMS: When you attempt to join a Microsoft Windows 2000-based client to a Microsoft Windows NT 4.0-based or Windows 2000-based domain, you may receive the following error message: The following error occurred validating the name "domain". The specified domain either does not exist or could not be contacted.

RESOLUTION: 1. Temporarily remove the assigned DNS address from the client. After the client has successfully joined the domain, reconfigure the client with a DNS server's IP address.
2. 3. Delete the problem computer from DNS records and re-create it.
3. Contact the manufacturer of your DNS server to inquire about the availability of an update for the DNS server that supports SRV records.

1) Check you DHCP, WINS and DNS server settings and make sure they are working.
2) ipconfig /all on clients shows correct DNS and WINS.
3) If you do not use DHCP, you need to add DNS in the properties of TCP/IP. 4) if you have more than one NICs and one of them does not plug, disable it.

"The network path was not found" error

When attempting to join "domain name", you get this error "The network path was not found". This behavior can occur if you are using an incorrect Internet Protocol (IP) address for the Domain Name Service (DNS) server or have incorrected WINS settings. To resolve this behavior, make sure that the IP addresses of the DNS and WINS servers on your network are specified correctly in your TCP/IP settings.

Why W2K/XP clients logon so slower

1) Slow logon from W2K/XP to a win2000 domain usually indicates a DNS and WINS configuration issue. If DNS/WINS is configured uncorrected, XP will take longer time to search DNS/WINS and will be time out if it can't find the DNS/WINS. 2) Servers and clients have more than one protocols such as TCP/IP, NetBEUI and IPX. 3) If you have one unplugged and enable network adapter on the computer, you should disable it.