Windows
Steps below : ------------------- You can get the number of users whose credentials are cached on the computer from the registry using PowerShell: (Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon").CachedLogonsCount Interactive logon: Number of previous logons to cache (in case domain controller is not available) under Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options. ipconfig /all Get-NetIPConfiguration netsh winsock reset netsh int ip reset ipconfig /release & ipconfig /renew Get-Service Dhcp, Dnscache, Netlogon | Restart-Service nslookup -> your_domain_name PortQry.exe –n your_dns_server -p both -e 53 Check if there are static DNS entries in the hosts file: Get-Content $env:SystemRoot\System32\Drivers\etc\hosts. Remove the records you do not need from the file. If a lot of users are impacted by the DC connectivity issue, you need to check the domain controllers and AD status. 1. Check the domain controller and AD replication health; 2. Check the W32Time (NTP) service and time on your DCs and clients. It must not differ more than by 5 minutes; 3. Verify that Windows Defender Firewall policy rules on the domain controllers are not blocking inbound traffic from your clients; 4. Make sure that the netlogon service is running on the DC. Check if SYSVOL and NETLOGON administrative shares are available: net share (you may have problems with sysvol and netlogon shares after restoring Active Directory from a backup); 5. If you have recently decommissioned a domain controller, make sure that it was removed correctly; 6. Check for SRV records for AD domain controllers in DNS (https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/verify-srv-dns-records-have-been-created). If the DC records have been removed, this will cause problems for clients to find the domain controller and establish a secure channel (trust relationship).