
JSI Tip 1233. Logon fails across a NAT?


If you have a NAT (Network Address Translator) separating your domain controller from your clients, logon may fail with a message similar to:

   A domain controller for your domain could not be contacted. You have been
   logged on using cached account information. Changes to your profile since you
   last logged on may not be available.
 
   -or-

   Could not find domain controller for this domain.

NOTE: You may still be able to map drives.

This happens because your NAT does not translate the source IP address carried in the NetBIOS header.

NetBIOS headers that contain an Owner IP address that may require translation are:

NetBIOS Name Management
-----------------------

 - Name Registration/Refresh/Release Request
 
 - Name Registration/Refresh/Release Response
 
 - Positive Name Query Response
 
NetBIOS Datagram
----------------
 
 - Datagram Service Header
 
 - Directed and Broadcast Datagrams
 
 - Datagram Error Packets

NetBIOS datagrams are used for:
 - Locating a logon server
 
 - Sending a logon request
 
 - Performing domain synchronization
 
 - Browser host name announcements
 
 - Browser workgroup/domain announcements
 
 - NetBIOS Master Browser Existence and Election Packets
 
 - NET SEND /d: "Message"
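
To confirm this condition from a packet capture taken on the domain controller side of the NAT, compare the source IP embedded in the NetBIOS datagram header with the source address of the IP packet that carried it. The following is an added example, not part of the original tip; it assumes the fixed header layout from RFC 1002 (MSG_TYPE, FLAGS, DGM_ID, SOURCE_IP, SOURCE_PORT), and the addresses and the sample datagram are constructed.

```python
import socket
import struct

# MSG_TYPE values for the NetBIOS datagram service (RFC 1002, UDP port 138).
MSG_TYPES = {
    0x10: "DIRECT_UNIQUE", 0x11: "DIRECT_GROUP", 0x12: "BROADCAST",
    0x13: "DATAGRAM_ERROR", 0x14: "QUERY_REQUEST",
    0x15: "POSITIVE_QUERY_RESPONSE", 0x16: "NEGATIVE_QUERY_RESPONSE",
}

def parse_nbdgm_header(payload: bytes) -> dict:
    """Parse the 10 bytes shared by every NetBIOS datagram header."""
    if len(payload) < 10:
        raise ValueError("truncated NetBIOS datagram header")
    msg_type, flags, dgm_id, src_ip, src_port = struct.unpack("!BBH4sH", payload[:10])
    if msg_type not in MSG_TYPES:
        raise ValueError(f"unknown MSG_TYPE 0x{msg_type:02x}")
    return {
        "msg_type": MSG_TYPES[msg_type],
        "flags": flags,
        "dgm_id": dgm_id,
        "source_ip": socket.inet_ntoa(src_ip),
        "source_port": src_port,
    }

def owner_ip_mismatch(ip_layer_src: str, payload: bytes) -> bool:
    """True when the address inside the NetBIOS header differs from the
    source address of the IP packet that carried it."""
    embedded = parse_nbdgm_header(payload)["source_ip"]
    return socket.inet_aton(embedded) != socket.inet_aton(ip_layer_src)

def build_sample(embedded_ip: str) -> bytes:
    """Constructed sample: fixed header of a DIRECT_GROUP datagram only
    (names and user data omitted, DGM_LENGTH and PACKET_OFFSET zeroed)."""
    return struct.pack("!BBH4sHHH", 0x11, 0x02, 0x1234,
                       socket.inet_aton(embedded_ip), 138, 0, 0)

if __name__ == "__main__":
    # Constructed scenario: client 192.168.1.10 is translated to 203.0.113.5.
    sample = build_sample("192.168.1.10")
    hdr = parse_nbdgm_header(sample)
    print(hdr["msg_type"], "embedded source:", hdr["source_ip"])
    print("untranslated by NAT:", owner_ip_mismatch("203.0.113.5", sample))
```

A mismatch on datagrams arriving from the client side indicates the NAT rewrote the IP header but left the NetBIOS header untouched.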
