Sometimes a single user might be not able to log on to domain. You can follow the checklist given below:
- You can ping the domain controller from the user's computer.
- There is no white space in the User's Home Profile in User's Property > Check it using the DSA.MSC.
- The user computer is configured with the correct DNS Server to find the domain controller > Check in TCP/IP property of the user's computer.
- The Computer Account in the domain for the user's computer is not missing > Check using the DSA.MSC
- The Computer Account in the domain is not disabled > Check using the DSA.MSC
- The Time between the domain controller and the client computer is synchronized > Check using Net Time command.
- The Domain Controller can be found > Check environment variables and check "LOGONSERVER" value or execute Nltest /DsGetDc:domain to re-locate the domain controller for the user.