Cannot login to domain with CIS

lschafroth · December 31, 2008, 3:59am

I have downloaded the latest version of CIS and it is configured to work with my workstations. UltraVNC works, IE works, SNMP works.

Domain LOGIN is DEAD. The only way to get CIS to let me login to the domain is to remove the PC from the domain, then re-add it. Only then will CIS let me login after that. I dont intend to do this on every machine.

Disabling Defense and Firewall did nothing to help. I called tech support who transferred me to a gal who barely spoke english. She put me on hold after having me try useless options. She then said she had no idea and I should post a message for help. Wow, 28 systems down and now I have to wait on a forum for support.

This most certainly will hender my decision to buy an enterprise version next year.

Lannie

rhgtyink · December 31, 2008, 11:18am

Hello Lannie,

Welcome to the forums, I’m sorry to hear that your experience with the Tech support was bad.

Can you tell me a bit more about your setup, are you using windows XP SPx ?
What are your domain controllers ?

Is it dead direct after install ? I’ve seen this before.

Can you still logon Local on the system ?

Is the domain controller on the same LAN and ip range ?

I’m using it also on a domain environment so we can make it work

lschafroth · December 31, 2008, 4:53pm

I am using XP SP3 and I can login to the local account. I can do everything on the PC I need to except login to the domain. The domain is a MAC Xserve running as a PDC for windows machines. It looks and acts exactly like a windows 2003 PDC.

I also Deep Freese the machines so I need to conigure Comodo to stop updating itself all the time. I have updating turned off but it pops up a message constantly all day stating it is updating the definitions.

The only way to fix the machines at this point is to remove them from the domain and readd them.

The workstations sit on a seperate subnet from the domain controller. We use all Cisco switches and VLANs.

Lannie

rhgtyink · December 31, 2008, 8:50pm

For the updating there are 2 kinds of updates, CIS application updates and AV database updates.
If you don’t want them (but then again your AV is not having the best protection)… you have to disable update av database for Real-Time/Manual and Scheduled scan.

Have you tried this ?

Install CIS, reboot, login local, turn Firewall to Disabled, reboot, logon to domain ?

If that works you need to create extra rules to allow access to/from the ip(s) of the Xserve’s.
Put logging on those rules, set firewall to Training mode and reboot/login.

See what traffic matches.