Tech

We can't sign you in with this credential because your domain isn't available

Hi,

This is the second time I am getting this problem. During the first time, I had to reinstall the OS in the system after losing to all the possible troubleshoot battles.

Now, I am not going to reinstall the OS again. So, to be a little descriptive, the error I’m getting is “We can’t sign you in with this credential because your domain isn’t available. Make sure your device is connected to your organization’s network and try again. If you previously signed in on this device with another credential, you can sign in with that credential”

Things I have already made:

  • Checking the DNS entries

  • Changing the cached Logins to ‘0’ in the Local Security Policies

  • Re-joining the system to Domain

  • Removing the user from Protected Users group

  • Is there any possible way I can resolve this issue without re-installing the OS?

3 Likes

hello

Please follow the link

check if problem exists

Hello @harmen

You have checked all the steps, I just want to ask did you try login with domain administrator
“domain\administrator”
You can do one more thing change computer name and then try again.

Note: In some PCs windows 10, there is a problem of changing DNS automatically. This could be the also problem

Hello

there are some ways and you can try them

  1. Reboot the system with no network connectivity
    To read the status of the system’s link to the organization, the system needs to be connected to the network. However, a lesser-known fact is that we do not actually need to log in to the system to connect it to the internet. If any network was set to default, the system would connect to the network before it reaches the lock screen. To isolate this issue, we would need to disconnect the network and reboot the system.

You could see the Network connectivity icon on the bottom-right corner of the screen. Disconnect from the network from there or If that isn’t possible, try to disconnect the sources of the network connection manually (eg. plug out the ethernet cable or switch OFF the WiFi router).

  1. Remove the user from the protected user group

The protected user group is managed by an organization’s IT team, or in general by the server admin of a group of managed systems. If a user is added to this group, he might face issues logging in normally, especially is the addition is recent. At times, it changes the associated domain (has happened with me twice). Thus, we would have to contact the team controlling the permissions in the active directory to make changes accordingly.

  1. Using Security policy snap-in

1- Press Win + R to open the Run window. Type the command secpol.msc and press Enter to open the Security Policy snap-in.

2- Go to Security Settings >> Local Policies >> Security Options .

3- On the right pane, locate the policy Interactive logon: Number of previous logons to cache (in case of domain controller is not available) and double-click it to change its value. Change the value if “Do not cache logons” to 0.
Screenshot_1

  1. Change the DNS server address

1- Press Win + R to open the Run window and type the command ncpa.cpl . Press Enter to open the Network connections window.

2-Right-click on your network adapter select Properties . You might need administrator permission for the same.
Screenshot_2

then select
Screenshot_3

right-click on it and enter google DNS servers

Preferred DNS address: 8.8.8.8

Alternate DNS address: 8.8.4.4

  1. Remove corrupted profile from registry editor
  1. Search regedit in windows 10 search box and open registry editor.

  2. Before proceeding , just take a backup of Registry editor by Going to file > Export in the registry editor.

  3. Now, go to the following location in the registry editor.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

  1. Expand profile list and find the key in the left menu having .bak in the end in the format (S-1-5-21-XXXX…XX), where xx….xx is any number.

There must be having another key with the same number without having .bak at the end. Delete that.
Screenshot_4

  1. Now, rename key with .bak at the end and remove .bak from the end.

  2. Restart your computer

I hope this will help you

1 Like

Hi @harmen,

I hope any of the above solutions had worked out for you. If not please try to follow the below steps and let me know.

Just go to Control Panel > search for User group > Edit local users and groups > Users > Protected User > right-click and choose delete.

Now restart your PC and check

Thanks

1 Like

Hi @harmen,

You will get this error, mostly in the cases where your PC is not able to communicate your domain. You need to make sure your this PC has proper communication with the domain server.

Solution 1:

Please open CMD in this PC and run the below command:

image

and type nslookup and here check the default server is showing your dns server name and ipaddress

image

Solution 2: Make sure VPN Ipv4 address

If you are using VPN make sure your VPN ipv4 address has the domain dns server ip address.

Solution 3: Recreate the user account

Please follow the below steps to delete an existing user profile and create a new one.

  • Login the PC with built-in administrator account
  • Delete the temp user profile in C:\users\
  • Delete the registry file for the temp user if available in the registry < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList.>
  • Goto c:\users and rename the default folder to something like default.old (note: you need to enable hidden files in the view to view this folder)
  • This is the main step Copy the default folder (c:\users\default) from a good working computer and paste in the exact location (c:\users\default).
  • Now restart your computer and log in.

Any of the above solutions will help you solve this error.
Thanks