Symptoms
Using pass-through authentication from a workstation to the server fails and users have to manually enter the credentials. This might happen only with a couple of servers.
This applies to the following environments:
• Windows 2000 (all service pack levels)
• MetaFrame XP (all service pack levels)
• Client Versions 6.00, 7.00, and 8.00
Cause
This happens when the following registry key is either set to be blank or set with an incorrect domain name in it (for example, not the domain that the user resides in):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\WinLogon\DefaultDomainName
This value changes when an administrator logs onto the console (locally).
Resolution
One server was added to the domain using a Domain Administrator account and one was added using a Non-Domain Administrator account that has the “Add Workstations to Domain” right.
In the second case, the account does not have access to the trusted domain information and does not populate “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\DomainCache\”.
If you manually populate this with the list of trusted domains, the problem no longer occurs.
More Information
There are several articles on Domain Name Caching issues:
