Windows 2000 Error: A domain controller for your domain could not be contacted

by Wayne Maples [Published on 20 April 2004 / Last Updated on 20 April 2004]

By default, Windows 2000 suppresses error messages when logging on a user with cached credentials when the domain controller can not be contacted. A common situation when a laptop user is traveling.

In Windows NT 4, the default is to display the error message. There are security implications. See Cached Logon Hashes for details on this and related registry keys.

If you want to display a message that the domain controller is unavailable, you need to set both ReportDC=1 which is an NT/W2K/XP setting and ReportControllerMissing=TRUE which is a W2K/XP setting.

Hive: HKEY_CURRENT_USER
Key: Software\Microsoft\WindowsNT\CurrentVersion\Winlogon
Name: ReportDC
Type: REG_DWORD
Value: 0 default: suppress domain controller message
Value: 1 dont suppress domain controller message

Hive: HKEY_LOCAL_MACHINE
Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: ReportControllerMissing
Type: REG_SZ
Value: FALSE default: suppress domain controller message (default)
Value: TRUE dont suppress domain controller message (must be all caps TRUE)

See Also

Featured Links