VPN logon problem

I logon to my laptop with cached domain credentials (In the event viewer of
the Windows XP client I see the obvious Event ID: 5719, Source: Netlogon). I
start a VPN connection to my corporate network with a Netscreen VPN client.
I can ping our servers,...



When I want to make a connection to a server share \\192.168.0.3\data I see
a window asking my domain credentials. I give these credentials:
DOMAIN\Username and the password (same as the cached domain credentials). I
receive an error message that: "this account is the same as the one logged
on to the system and that this account was tried before to logon. There is
no domain controller available to validate this account."




At the same time I see these errors in the system log of the Windows XP
client:
Event ID: 40960, Source: LSASRV, Category: SPNEGO (Negotiator)
Event ID: 40961, Source: LSASRV, Category: SPNEGO (Negotiator)

These events or known in the Microsoft Knowledge Base but the articles are
not related to this issue.

When I use other credentials to logon to the share (DOMAIN\AnotherUsername
and the password - NOT the same credentials as the cached domain
credentials) there is no problem. I don't see any messages in the event log
and I can connect to all my server recources.

When I logon to this laptop with a local account (no cached domain
credentials), start the VPN connection and make a connection to
\\192.168.0.3\data with DOMAIN\Username I don't have any problem either.

It seems that the problem is that the logon process only wants to validate
my account only one time. At start-up the domain controller is not yet
available and thus the system is using the cashed domain credentials. When
my domain controller is available (vpn is active) the system doesn't want to
validate my account anymore.... How can I force to validate my "cached"
credentials again to the domain controller?



Extra: I use an host file and I already experienced with the lmhost but the
above problem remains.



Does anyone have an idea?

many possibilities. quoted from http://www.ChicagoTech.net
This account is the same as the one logged on to the system and that this
account was tried before to logon
There is no domain controller available to validate this account.
There are currently no logon servers available to service the logon request.
Event ID 5719

Symptoms: 1. In client, you may receive Event ID 5719: "No Windows NT or
Windows 2000 Domain Controller is available for domain Domain. The following
error occurred: There are currently no logon servers available to service
the logon request."
2. In DC, you may receive Event ID 5719: "No Windows NT or Windows 2000
Domain Controller is available for domain chicagotech.net. The following
error occurred: There are currently no logon servers available to service
the logon request.
3. You logon domain user in a domain network, the mapping logon script
displays this message: "There is no domain controller available to validate
this account."
4. You use a office laptop to connect the office VPN, when you map a network
drive using this command line: net use \\chicagotech\shared
/u:chicagotech.net\blin, you may receive this message: "This account is the
same as the one logged on to the system and that this account was tried
before to logon. There is no domain controller available to validate this
account"

Causes: 1.The DC is down.
2. Can't access the DC.
3. The DNS issue.
4. Run out of buffer space in the NetBT datagram buffer.
--
For more and other information, go to http://www.ChicagoTech.net


Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
Networking Solutions, http://www.chicagotech.net/networksolutions.htm
VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm
VPN Process and Error Analysis, http://www.chicagotech.net/VPN%20process.htm
VPN Troubleshooting, http://www.chicagotech.net/vpn.htm
This posting is provided "AS IS" with no warranties.
<(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
>I logon to my laptop with cached domain credentials (In the event viewer of
>the Windows XP client I see the obvious Event ID: 5719, Source: Netlogon).
>I start a VPN connection to my corporate network with a Netscreen VPN
>client. I can ping our servers,...
>
>
>
> When I want to make a connection to a server share \\192.168.0.3\data I
> see a window asking my domain credentials. I give these credentials:
> DOMAIN\Username and the password (same as the cached domain credentials).
> I receive an error message that: "this account is the same as the one
> logged on to the system and that this account was tried before to logon.
> There is no domain controller available to validate this account."
>
>
>
>
> At the same time I see these errors in the system log of the Windows XP
> client:
> Event ID: 40960, Source: LSASRV, Category: SPNEGO (Negotiator)
> Event ID: 40961, Source: LSASRV, Category: SPNEGO (Negotiator)
>
> These events or known in the Microsoft Knowledge Base but the articles are
> not related to this issue.
>
> When I use other credentials to logon to the share (DOMAIN\AnotherUsername
> and the password - NOT the same credentials as the cached domain
> credentials) there is no problem. I don't see any messages in the event
> log and I can connect to all my server recources.
>
> When I logon to this laptop with a local account (no cached domain
> credentials), start the VPN connection and make a connection to
> \\192.168.0.3\data with DOMAIN\Username I don't have any problem either.
>
> It seems that the problem is that the logon process only wants to validate
> my account only one time. At start-up the domain controller is not yet
> available and thus the system is using the cashed domain credentials. When
> my domain controller is available (vpn is active) the system doesn't want
> to validate my account anymore.... How can I force to validate my "cached"
> credentials again to the domain controller?
>
>
>
> Extra: I use an host file and I already experienced with the lmhost but
> the above problem remains.
>
>
>
> Does anyone have an idea?
>
>