Re: Windows cannot connect to the domain & Event ID 3210 5722 - Lots of Details!



On Dec 12, 6:04 am, "Paul Bergson [MVP-DS]"
<pbergson@xxxxxxxxxxxxxxxxx> wrote:
When a machine joins the domain (Domain Controllers are included in this) it
is assigned a password. When you reboot it, when the machine is starting
back up it is required to log onto the domain, just like a user account. By
default the password is changed every 30 days. If your machine has been
turned off over the change, the machine is unable to log back on until you
either remove and add the machine from the domain -or- use nltest or
netdom to reset the machine account.

http://support.microsoft.com/kb/216393/en-us

http://support.microsoft.com/default.aspx?scid=kb;en-us;154501

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"JayDee" <dopam...@xxxxxxxx> wrote in message

news:689dae55-eadd-4cf2-b449-004be24fb81b@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx



There have been numerous posts regarding this over the past year, but
virtually all of them offer the suggestion of removing the computer
from the domain, adding it to a workgroup, then without rebooting
adding it back to the domain. My concern, however, is that we're
starting to see this on a number of computers and I need to understand
why.

The problem is as follows:

We have some Windows XP devices that were removed from the network for
a week or two then powered back on. They now receive the following
error when powered back up and as a result, my only choice is to log
on with the administrator ID:

"Windows cannot connect to the domain, either because the domain
controller is down or otherwise unavailable, or because your computer
account was not found."

1) Once logged on, the System Event Log on the XP workstation had the
following message:

Event ID: 3210
"This computer could not authenticate with \\dc.domain.com, a Windows
domain controller for domain DOMAIN, and therefore this computer might
deny logon requests. This inability to authenticate might be caused by
another computer on the same network using the same name or the
password for this computer account is not recognized. If this message
appears again, contact your system administrator."

2) The domain controller which attempted to authenticate the computer had
this error:

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5722
Date: Date
Time: Time
User: N/A
Computer: ComputerName
Description: The session setup from the computer ComputerName failed
to authenticate. The name of the account referenced in the security
database is AccountName$.
The following error occurred:
Access is denied.

3) I discovered that the computer is still registering with WINS (yes,
we still have it around) but NOT registering with Dynamic DNS for the
active directory domain it is a part of. I tried rebooting and also
doing an "IPCONFIG /registerdns" to no avail. I also confirmed correct
DNS addresses and there is only one network card in the computer. I
also confirmed that the workstation can, in fact, PING all DC's in
its site including the one in #2 above.

I tried adding a record for this computer into DNS manually just to
see what would happen - no change.

So again, I know it will probably work to add it to a workgroup and
then back to the domain, but I need to understand why this is happening.

Here are some of the things I ruled out:

* I have confirmed that the computer has been off-line for less than
the number of dates in the
"HKLM\System\CurrentControlSet\Services\Netlogon\Parameters\maximumpasswordage"
key.

* The computer has not been rebuilt using the same name without first
deleting the old name in the domain

* The computer name does not exist in any other DNS domains

I'm at a loss, please help!!

Thank you very much!!

- JayDee

Paul, thanks - but I covered that in my original email - excerpt
below. Any other ideas?

* I have confirmed that the computer has been off-line for less than
the number of dates in the
"HKLM\System\CurrentControlSet\Services\Netlogon\Parameters\maximumpasswordage"
key.

- JayDee
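
The checks discussed in this thread, gathered into one read-only script; this is an added example and not part of either poster's message. `Get-MachineTrustReport` is a hypothetical function name, and `<ComputerName>`, `<DOMAIN>`, `<DC>` and `<admin>` are placeholders to fill in. It assumes Windows PowerShell 2.0 or later, run elevated on the affected workstation.

```powershell
# Added example, not from the thread. Read-only: nothing here changes the
# machine account or the secure channel.
function Get-MachineTrustReport {
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
    $np  = Get-ItemProperty -Path $key

    # A value absent from the registry means Netlogon uses its default:
    # a 30-day change interval with automatic password changes enabled.
    $maxAge = 30
    if ($null -ne $np.MaximumPasswordAge) { $maxAge = $np.MaximumPasswordAge }

    # Netlogon errors logged by this workstation. 3210 is the client-side
    # event; 5722 is normally found in the domain controller's System log.
    $events = @(Get-EventLog -LogName System -Source NETLOGON -EntryType Error `
                    -Newest 50 -ErrorAction SilentlyContinue |
                Where-Object { 3210, 5722 -contains $_.EventID })

    New-Object PSObject -Property @{
        Domain                 = (Get-WmiObject Win32_ComputerSystem).Domain
        MaximumPasswordAgeDays = $maxAge
        PasswordChangeDisabled = ($np.DisablePasswordChange -eq 1)
        # $false means the local machine password no longer matches the one
        # stored for the computer account in the domain.
        SecureChannelOk        = (Test-ComputerSecureChannel)
        NetlogonErrorCount     = $events.Count
        LastNetlogonError      = ($events | Select-Object -First 1 `
                                      -ExpandProperty TimeGenerated)
    }
}

Get-MachineTrustReport | Format-List

# Domain-side view, from a host with the ActiveDirectory module (RSAT).
# PasswordLastSet shows when the computer account password last changed,
# which can be compared with the dates the machine was off the network:
#   Get-ADComputer -Identity '<ComputerName>' -Properties PasswordLastSet |
#       Select-Object Name, Enabled, PasswordLastSet

# Resetting the machine account without leaving the domain, using the two
# tools named in the reply (run on the workstation with domain credentials):
#   nltest /sc_reset:<DOMAIN>
#   netdom resetpwd /server:<DC> /userd:<DOMAIN>\<admin> /passwordd:*
```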