Windows – Can’t access internet using a domain joined computer outside the domain environment

domainwindowswindows xp

We had an unused computer at work, so I took it home. It had been joined to the domain and hasn't been unjoined. When I try to use it at home (logging in with a local admin account) I can't seem to access Internet pages.

It gets the correct IP address and gateway for the local network and correct DNS servers for the home ADSL connection.

I can happily ping the home router (which doesn't have any tricky firewall settings). I can't seem to ping outside, get any DNS to resolve, or (obviously) get any web pages. Is there some problem here with this having been joined to the domain?

Best Answer

The fact that you get an IP address and can ping the router, means your network is up. If you cannot get outside the network, then likely your LAN settings are configured to go through a proxy, probably a left-over configuration from when on the domain.

First make sure you are not on the domain anymore: Right Mouse Button My Computer, Properties, on the "Computer Name" tab click the "Change" button to 'rename this computer or join a domain', and check it is on a workgroup, and not on the old domain:

enter image description here

Then make sure you don't try connect via a proxy (some domains have this setup). From Control Panel access Internet Properties, on the Connections tab, in the LAN settings check you are not connecting via an old proxy (from the previous domain setup).'

enter image description here

Related Solutions

Windows 7 – Can’t access UNC Shares but can Ping and RDP

Check to see if print and file sharing is turned on in network and sharing center > advanced sharing settings. My issue was file and printer sharing would not stay turned on. To resolve this I checked all automatic services. Found that "netlogon" service was disabled. The "netlogon" service is dependent on a service called "workstation". Had to start "workstation" service and was then able to start "netlogon" service. This resolved the issue.

Dns – BIND can’t resolve a domain name

It sounds as if you are having some difficulty, so here are two (hopefully) working examples for you. Note that the first option (the .com zone) will likely prevent resolution of normal .com domains (e.g. google.com). The second option (the dns1.com zone) does not have this drawback.

Example .com Zone Files

ex. /etc/bind/named.conf.local

; "db.com.tld" is a random name - use whatever you like.
; The same goes for "db.rev.192".
;
; Likewise, you can adjust your "allow-transfer" settings,
; etc. as needed.

zone "com." IN {
    type master;
    file "/etc/bind/zones/db.com.tld";
    allow-transfer { none; };
};

zone "56.168.192.in-addr.arpa" IN {
    type master;
    file "/etc/bind/zones/db.rev.192";
    allow-transfer { none; };
};

ex. /etc/bind/zones/db.com.tld

; BIND data file for TLD ".com"
;
; This will likely break real ".com" websites (i.e. anything not listed here).

$TTL 3600
@   IN  SOA     com.    admin.com. (
                2018040501  ; Serial
                604800      ; Refresh period
                86400       ; Retry interval
                2419200     ; Expire time (28 days... later)
                604800 )    ; Negative Cache TTL (1 week)

; Name Servers - NS records
@       IN NS  ns1.com.   ; This is required
@       IN NS  ns2.com.   ; You should have two name servers

; Name Servers - A records
ns1                 IN A        192.168.56.3        ; This is required
ns2                 IN A        192.168.56.3        ; You should have two name servers

; Our domains/sub-domains
dns1                IN A        192.168.56.3        ; dns1.com
host1.dns1          IN A        192.168.56.7        ; host1.dns1.com
host2.dns1          IN A        192.168.56.8        ; host2.dns1.com

Note that is okay to use a period like this, though arguably redundant in this case:

;ok.period.com.     IN A        192.168.56.3        ; ok.period.com -> FQDN

And this is what you should avoid:

;no.period.         IN A        192.168.56.3        ; Don't use periods for sub-domains
;no.period.com      IN A        192.168.56.3        ; While this works, this is actually accessed as no.period.com.com!

ex. /etc/bind/zones/db.rev.192

; BIND reverse data file.
; The domain, etc. used should be a listed 'zone' in named.conf. 

$TTL 86400
@   IN SOA      com.    admin.com. (
                2018040501  ; Serial
                10800       ; Refresh
                3600        ; Retry
                604800      ; Expire
                86400 )     ; Minimum

; In this case, the number just before "PTR" is the last octet 
; of the IP address for the device to map (e.g. 192.168.56.[3])

; Name Servers
@       IN NS   ns1.com.
@       IN NS   ns2.com.

; Reverse PTR Records
3       IN PTR  dns1.com.   
7       IN PTR  host1.dns1.com.
8       IN PTR  host2.dns1.com.

Note that the setup above likely limits your options with regards to having your machines access .com domains other than the ones you create (i.e. they will likely not be able to access them). If you wish them to access foreign .com domains, you can try the narrower approach below.

Example dns1.com Zone Files

ex. /etc/bind/named.conf.local

; "db.dns1.com" is a random name - use whatever you like.
;
; Likewise, you can adjust your "allow-transfer" settings,
; etc. as needed.

zone "dns1.com" IN {
    type master;
    file "/etc/bind/zones/db.dns1.com";
    allow-transfer { none; };
};

You can use the same named.conf.local reverse zone entry as above.

ex. /etc/bind/zones/db.dns1.com

; BIND data for http://dns1.com

$TTL 3600 
@   IN SOA      ns1.dns1.com.   admin.dns1.com. (
                2018040501  ; Serial
                604820      ; Refresh
                86600       ; Retry
                2419600     ; Expire
                604600 )    ; Negative Cache TTL

; Name Servers - NS records
@       IN NS   ns1.dns1.com.   ; This is required
@       IN NS   ns2.dns1.com.   ; You should have two name servers

; Name Servers - A records
ns1                 IN A        192.168.56.3        ; This is required
ns2                 IN A        192.168.56.3        ; You should have two name servers

; Our domains/sub-domains
dns1.com.           IN A        192.168.56.3         ; dns1.com 
host1               IN A        192.168.56.7         ; host1.dns1.com
host2               IN A        192.168.56.8         ; host2.dns1.com

ex. /etc/bind/zones/db.rev.192

; BIND reverse data file.
; The domain, etc. used should be a listed 'zone' in named.conf. 

$TTL 86400
@   IN SOA      dns1.com.   admin.dns1.com. (
                2018040501  ; Serial
                10800       ; Refresh
                3600        ; Retry
                604800      ; Expire
                86400 )     ; Minimum

; In this case, the number just before "PTR" is the last octet 
; of the IP address for the device to map (e.g. 192.168.56.[3])

; Name Servers
@       IN NS   ns1.dns1.com.
@       IN NS   ns2.dns1.com.

; Reverse PTR Records
3       IN PTR  dns1.com.   
7       IN PTR  host1.dns1.com.
8       IN PTR  host2.dns1.com.

Best Answer

Related Solutions

Windows 7 – Can’t access UNC Shares but can Ping and RDP

Dns – BIND can’t resolve a domain name

Related Question