Link to home
Avatar of ArkAdmin
ArkAdminFlag for United States of America

asked on

cannot add machine to SBS domain

In an attempt to fix a problem I have created another.
I have deleted a computer name from the list of client computers in the SBS Client Computers snapin.  I re-added the client computer name using the same snapin. Now I am unable to login to the domain from that computer with any user account.

I believe this is the associated logon error below. I have tried logging onto the local machine as the local admin and reconnecting to the domain with a different machine name (it does not seem possible if i don't change the computer name), however, it will not allow me to rejoin the machine to the domain.

If possible, I would like to resolve this so that the user can login with the same credentials and have the same local desktop environment and personal settings.  

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5723
Date:            2/25/2007
Time:            8:48:33 PM
User:            N/A
Computer:      LEVIATHAN
The session setup from computer 'OMEGA' failed because the security database does not contain a trust account 'OMEGA$' referenced by the specified computer.  
If this is the first occurrence of this event for the specified computer and account, this may be a transient issue that doesn't require any action at this time. Otherwise, the following steps may be taken to resolve this problem:  
If 'OMEGA$' is a legitimate machine account for the computer 'OMEGA', then 'OMEGA' should be rejoined to the domain.  

Avatar of freymish
Flag of United States of America image

I would first remove the computer from the domain by changing it to a workgroup.  Then delete the computer account from the domain using the AD Users and Computer tool at the server.  Give AD a good fifteen minutes before re-joining the computer to the domain.
Under normal circumstances you should never have to remove a computer from a domain other than by changing it's membership to a workgroup or another domain.  When you delete the computer account from the server you also delete the SID record which the server uses to verify that the machine is valid on the domain.  The only way to create a new SID is to rejoin the domain from the workstation.

Try that and see if it resolves the problem.

Avatar of Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy
Flag of United States of America image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of ArkAdmin


Thanks Jeff, believe it or not, that is the first time in two years that I have successfully connected a client computer using the http://<servername>/connectcomputer wizard. I guess that explains a lot. I don't think that SBS makes it clear that the XP System Properties Computer Name tool is NOT to be used. I always tried to use the SBS connectcomputer wizard AFTER using the XP standard method to join the domain and it never worked properly. I didn't realize that this tool is meant to take the computer directly from the workgroup to the domain.

I think that this will also resolve the problem I was having this weekend setting up Symantec SCS groupware; it would not add the client computer to it's push-list saying that it didn't have access to the ADMIN$ share and that I needed to disable Simple File Sharing. I'll post this as a separate question if i have any more trouble.

sorry fremish, i meant to give you 25% points. its ok if the admin can fix this.