NETLOGON Event ID 3210

I have to answer a question relating to this event ID...

NETLOGON Event ID 3210:
Failed to authenticate with \\w2k3-dc01, a Windows NT domain controller for domain

List 2 ways to fix the above issue, one using a graphical tool, the other a command line utility:

Help would be appreciated please
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nirmal SharmaSolution ArchitectCommented:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Fatal_ExceptionSystems EngineerCommented:
Another one?  :)  this is fun!  Been a few months since I reviewed this material!

The secure channel's password is stored along with the computer account on all domain controllers. For Windows 2000 or Windows XP, the default computer account password change period is every 30 days. If, for some reason, the computer account's password and the LSA secret are not synchronized, the Netlogon service logs one or both of the following errors messages:

The session setup from the computer DOMAINMEMBER failed to authenticate.
The name of the account referenced in the security database is DOMAINMEMBER$.
The following error occurred: Access is denied.
NETLOGON Event ID 3210 Failed to authenticate with \\DOMAINDC, a Windows NT domain controller for domain DOMAIN.

The Netlogon service on the domain controller logs the following error message when the password is not

Action # 1:   In the Active Directory Users and Computers MMC (DSA), you can right-click the computer object in the Computers or appropriate container and then click Reset Account. This resets the machine account. Resetting the password for domain controllers using this method is not allowed. Resetting a computer account breaks that computer's connection to the domain and requires it to rejoin the domain

Action # 2:  Using the Netdom.exe command-line tool

Again, good luck with your studies!

Fatal_ExceptionSystems EngineerCommented:
Just in case anyone else is interested, you can do this with a script too..  :)  You might find scripting questions on the test, but just a few.

========Start Copy=========

Dim objComputer

Set objComputer = GetObject("LDAP://CN=computername,DC=WINDOWS2000,DC=COM")
objComputer.SetPassword "computername$"


========End Copy=========
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Fatal_ExceptionSystems EngineerCommented:
And, since I just reviewed the link that SystemProg put up there, and since it is certainly correct, give him the points on this one!  :)
one good method of solving these problems (of exam 70-290) bgcm12 is asking is to (install eDonkey2000 and) find study material for the exam 70-290.

MS Press has a book "Managing and Maintaining a Microsoft Windows Server 2003 Environment" which can easilly found on the internet in pdf format. Also old exam questions and answers (from TestKing or ActualTests) are helpful.

good luck with the exam!

bgcm12Author Commented:
Thanks all.  

I had the answer - i just wanted to verify it with someone!!  Remember...cheats never prosper! :o)

Some points for all as it's only fair...
Fatal_ExceptionSystems EngineerCommented:
So, did I get the answer right?   :)

Nirmal SharmaSolution ArchitectCommented:
Thanks all,
had this in a real world scenario.  restoring a virtual machine from a 2 month old backup and it wouldn't authenticate with the domain.  found this thread and it solved my problem perfectly.

thanks much
Fatal_ExceptionSystems EngineerCommented:
Glad it helped, Dragon!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.