I have a rather odd problem regarding a computer that couldn't log in to my AD domain. I have 2 DCs running as replication partners on a fairly small domain. Earlier this week, a particular computer (that hadn't been experiencing any problems for some time) received an error when logging in to the domain. The error message said Windows cannot connect to the domain either because the domain controller is down or otherwise unavailable or because your computer account was not found. I found no errors in the AD tree on the DC servers. I wound up creating completely new user and computer accounts in the AD and removing and rejoining the machine from/to the domain. All seemed to work. Tonight, he rebooted his computer (for the first time since we got it up and running earlier in the week) and got the same error message as before. I checked the AD tree on the servers again and found nothing unusual. His user account is still there, still enabled, etc. His computer account is still there - looks OK. I removed the computer from the domain and rejoined it to the domain and it let him log on with seemingly no problems. However, the local user profile was removed from his computer and he has insufficient permissions to access certain areas of his hard drive when logged in to the domain. Soooooooo.... I added an account to his local users list with the domain and his user name and gave him local administrator permissions. Logged off - logged back on using that same domain name and password that he was just logged on with before, and he now has access to the entire contents of his hard drive. He rebooted the machine again and got the same error message. It doesn't do this when he logs off and back on again, but with every reboot, it fails again. This seems unnecessary to me on a clean machine like this. This machine was completely reformatted roughly a month ago for other reasons and XP Pro was reloaded on it. It has all service packs and critical updates. It has Norton Antivirus running with new definitions - nothing there. It has AdAware running with new definitions - nothing there. When the hard drive was reformatted a month ago, I joined him directly to the domain while installing XP. I don't know if this matters or not. Do you have any suggestions as to why this is happening? Thanks in advance.