Ran into a strange problem today. A week-old XP box that could log in to a domain yesterday suddenly couldn’t today. We were getting an error box that said:
Windows cannot connect to the domain either because the domain controller is down or otherwise unavailable or because your computer account was not found.
It winds up that that XP tries to cryptographically sign Netlogon sessions, which the servers do not like. The work around according to JSI FAQ is:
1. Use Control Panel to open Local Security Policy in the Administrative Tools.
2. Navigate to Local Policies / Security Options.
3. Double-click Domain Member:Digitally encrypt or sign secure channel data (always).
4. Press Disabled.
5. Press Apply and OK.
I had to also do the old “change to ‘login to workgroup’ and then back to ‘login to domain'” trick. After a reboot it worked fine.