What To Check If A Single User Can't Log On To Domain?

by [Published on 29 Jan. 2009 / Last Updated on 16 Oct. 2008]

This article explains the tips you can use to troubleshoot the problem for a user who can't log on to the domain.

Sometimes a single user might be not able to log on to domain. You can follow the checklist given below:

Make sure:

  • You can ping the domain controller from the user's computer. 
  • There is no white space in the User's Home Profile in User's Property > Check it using the DSA.MSC.
  • The user computer is configured with the correct DNS Server to find the domain controller > Check in TCP/IP property of the user's computer.
  • The Computer Account in the domain for the user's computer is not missing > Check using the DSA.MSC
  • The Computer Account in the domain is not disabled > Check using the DSA.MSC
  • The Time between the domain controller and the client computer is synchronized > Check using Net Time command.
  • The Domain Controller can be found > Check environment variables and check "LOGONSERVER" value or execute Nltest /DsGetDc:domain to re-locate the domain controller for the user.




See Also

The Author — Nirmal Sharma

Nirmal Sharma avatar

Nirmal Sharma is a MCSEx3, MCITP and was awarded the Microsoft MVP award in Directory Services and Windows Networking. He specializes in Microsoft Azure, Office 365, Directory Services, Failover Clusters, Hyper-V, PowerShell Scripting and System Center products. Nirmal has been involved with Microsoft Technologies since 1994. In his spare time, he likes to help others and share some of his knowledge by writing tips and articles on various sites and contributing to PowerShell-based Dynamic Packs for www.ITDynamicPacks.Net solutions.

Featured Links