This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 15%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Here's a really weird problem. I have a small company that is still running Windows SBS 2011 with about 19 computer connected to a domain. They are probably going to retire the server but Covid has changed plans for now.
One of the workstations (Windows 10 Pro) was intermittently having problems connecting to the domain controller. After a good deal of troubleshooting (more on this below) what I found was this. When starting or restarting the workstation, if I logged in immediately to Windows, everything was fine. If I restarted and left it on the Lock screen (or windows login screen) for a few minutes, it failed to connect to the domain and the network shares did not work. It does start up but if I try to access the network shares I get: "P:\ is not accessible. The system cannot contact a domain controller to service the authentication request. Please try again later" (also when I try accessing files from the UNC address). If I restart and immediately log in, its fine. I can log out and leave it for an extended period of time and its fine. Only when I shut down & start or restart and leave it on the login screen for a few minutes, do I have this problem. There is no hardware firewall that restricts LAN traffic, only a Google Wi-Fi that has NAT-translation firewall from outside the LAN.
Some of the things I have done that haven't helped are:
Here is an update. I have wiped out the offending workstation (completely reformatted the drive0, reinstalled a fresh version of windows and the problem returned. Could this be a hardware problem?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Unlikely a hardware problem. Did you happen to give it the same computer name?
--please don't forget to upvote and Accept as answer if the reply is helpful--
Hi
I ask all those question as usually the error "The system cannot contact a domain controller to service the authentication request. Please try again later" is related to a bad DNS server setting on the NIC.
If the NIC can't talk to the DNS server correctly the NIC would broadcast a whois domainname and wait for the DC to answer.
If all the settings are corrects and you can ping the DNS server, make sure in your DNS's zone into your DC that you have not a old DC as nameserver still there. In the console you can easily seen if it's the case as it would be shown there; DNS's console->Direct search zone-> domainname->(same as parent) Nameserver, as if you see an old server there, let me know.
Thanks
Philippe
What is weird is that if I log in immediately after a restart, the domain is joined, If I wait longer than 2 minutes, it isn't joined.
HI
1.Does this issue PC connect to SBS2011 by using VPN now?
2.Could you please enter below command on issue PC then check if this PC is using IPV6 address(not ipv4 address)?
The System Cannot Contact A Domain Controller To Service The Authentication Request
https://www.kapilarya.com/the-system-cannot-contact-a-domain-controller-to-service-the-authentication-request
Please Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice.
I completely disabled ipv6 and the problem still remained.
Thanks for your help. This one is really weird!
Thinking that maybe it was some other software/service, I disabled all non-microsoft services and all startup programs. The problem still remained.
Michael
HI
"if I waited longer than about 2 minutes on the login screen. If I logged in right away - no problem."
1.If we diable wired network /wifi network, will there be the same above issue?
2.What's the difference between this issue win10 and normal win10?
Could you please enter below command on both this issue win10 and normal win10 respectively then look which the difference between them?
get-hotfix
Could you please enter below command on both this issue win10 and normal win10 respectively then look which the difference between them?
gpresult /h c:\win10normal.html
gpresult /h c:\win10issue.html
3.Did you check the system time is synchronized with AD domain?
4.Are there any logs in system, application, security in event viewer?
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
HI
I ran the command and didn't see significant differences between the two html documents. THey are lengthy so maybe I'm not looking at the right places. What should I be looking for? Is it safe to post the html here?
I think we can check the first key words "logon" in gpresult report. For example: Interactive logon
Interactive logon: Machine inactivity limit
https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit
There are event logs (huge amounts) on both computers. What would I be looking for specifically?
When this issue happen, we can check security log first on sbs2011, is there event id 4625?
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
HI
Is there any progress on your question?
I'd check the domain controller and problem member both have the static ip address of DC listed for DNS and no others such as router or public DNS.
--please don't forget to upvote and Accept as answer if the reply is helpful--
ere are the results of checking the dns server on various workstations looking directly at the adapter properties:
In the adapter set up for the workstations (all of them) the ipv4 dns preferred server is 192.168.1.2 (the server's address).
In the adapter set up for the Server the ipv4 dns preferred server is 127.0.0.1
in the adapter set up for all workstations the ipv6 dns preferred server is set to get automatically
In the adapter set up for the Server the ipv6 dns preferred server is ::1
I I'm not sure what the ipv6 preferred dns means means on the server "::1"?
ipconfig /all | findstr "DNS\ Servers" on the server
C:\WINDOWS\system32>ipconfig /all | findstr "DNS\ Servers"
DNS Servers . . . . . . . . . . . : fe80::9401:4d4:f5e5:6760%6
ipconfig /all | findstr "DNS\ Servers" on a workstation that is having the problem and most of the other workstations
C:\WINDOWS\system32>ipconfig /all | findstr "DNS\ Servers"
DNS Servers . . . . . . . . . . . : 192.168.1.2
I'm running out of characters in this replay so I'll post the full ipconfig results for the server in another comment...
FYI Full IPCONFIG (ipconfig /all) on SERVER
Windows IP Configuration
Host Name . . . . . . . . . . . . : SCPCSERVER
Primary Dns Suffix . . . . . . . : SCPC.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : SCPC.local
lan
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : D0-67-E5-F3-F8-B3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9401:4d4:f5e5:6760%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 26, 2021 5:47:54 PM
Lease Expires . . . . . . . . . . : Wednesday, July 07, 2021 12:21:27 AM
Default Gateway . . . . . . . . . : fe80::201:5cff:fe6a:f646%11
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248539109
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-DD-A6-7F-D0-67-E5-F3-F8-B3
DNS Servers . . . . . . . . . . . : ::1
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled