Fix: The system cannot contact a domain controller to service the authentication request

Kevin ArrowsPublished on March 5, 2024
Kevin is a certified Network Engineer

When the error “The system cannot contact a domain controller to service the authentication request” occurs, it typically happens during login attempts to a Windows domain-joined computer, especially when trying to access network resources such as a mapped drive. This issue results in failed authentication because the client computer is unable to establish a connection with the domain controller for verification.

The most common cause of this issue is the domain controller being offline, possibly due to maintenance or a power outage. Other contributing factors may include improper configuration of the client device, network connectivity problems, host server issues, or incorrect DNS settings.

Having discussed the causes, let’s now delve into the solutions to this error.

1. Check for Errors in Windows Event Viewer

To gain insight into the cause of this error, it is wise to first consult the Windows Event Viewer for any domain controller-related errors.

  1. Press the Win key, type Event Viewer, and press Enter to open it.
  2. Expand the Windows Logs section and select System.
  3. Focus only on the events that contain keywords associated with a domain controller and have sources such as DNS.
  4. Upon locating an appropriate event, analyze the event ID. If DNS is not configured properly, you might see an Event ID that indicates an issue with DNS resolution for the domain.

2. Ping the Hostname and DC (Domain Controller) from the Client Device

It is recommended to start by checking the basics before proceeding with more complex troubleshooting steps. Pinging the DC (Domain Controller) from the affected device will help verify whether the DC is reachable.

2.1 Domain Controller

  1. On the DC, open the Command Prompt.
  2. Type the following command to display network details:
    ipconfig/all
  3. Note the IPv4 address to use later on the affected device.
  4. Also, remember the hostname so you can ping it from the affected device along with the IPv4 address.

2.2. Affected Device

  1. Click the Start Menu and search for Command Prompt.
  2. Press Enter to launch the Command Prompt.
  3. Type ping followed by the DC IP address you copied earlier.
  4. Ping the hostname by typing ping followed by the hostname.
  5. If the DC is accessible, verify that it can also reach the affected device.

3. Ping the Affected Device from the DC (Domain Controller)

Having pinged the DC, the next step is to try pinging the affected device from the DC to ensure connectivity.

3.1 Affected Device

  1. Press the Win key and search for Command Prompt.
  2. Press Enter to enter the Command Prompt.
  3. Execute the command ipconfig/all by pressing Enter.
  4. Copy the IPv4 address to use in the next steps on the Domain Controller.

3.2 Domain Controller

  1. In the Command Prompt on the DC, ping the affected PC by typing:
    Ping <copied IPv4 address>

  2. If the DC can reach the client PC, this suggests that the issue lies with your DNS settings.

4. Configure the DNS on the Affected Device Correctly

Given that the DC and the client PC can communicate with each other, it is highly likely that your DNS settings are not properly configured.

Your DNS settings may be defaulting to those of your router rather than those of your domain, preventing the affected PC from accessing the DC and causing this error. Therefore, updating your DNS settings is necessary to resolve the domain when connecting to the DC.

4.1 Domain Controller

  1. Once more, open the Command Prompt on the DC and enter ipconfig/all.
  2. Note the IPv4 address and then proceed with the instructions on the affected device.

4.2 Affected Device

  1. Access the Control Panel by typing it into the Start Menu.
  2. Go to Network and Internet > Network and Sharing Center.
  3. From the left sidebar, click on Change Adapter Settings.
  4. Right-click your Network Adapter and choose Properties.
  5. Select Internet Protocol Version 4 (TCP/IPv4) and click on Properties.
  6. Opt for Use the following DNS server addresses.
  7. In the Preferred DNS Server field, enter the IPv4 address you recorded earlier.
  8. For the alternative DNS, input 8.8.8.8.
  9. Click OK to save the changes.
  10. Attempt to connect to the DC from the affected device again; it should now be successful.
Kevin ArrowsPublished on March 5, 2024
Kevin is a certified Network Engineer
ABOUT THE AUTHOR
Photo of Kevin Arrows

Kevin Arrows


Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.