
AD and computer account


Windows Server 2003 SP1, domain controller

A computer account PC1 was deleted some time ago.
The XP PC1 computer cannot open a server session. It is normal.

I recreated the computer account PC1 in AD and it still does not work. It is not possible to open a server session.
It gives the classic message: the domain cannot be found or the computer account does not exist.

In Event Viewer on the server it logs a Netlogon error, ID 5722,
that the computer PC1 cannot be found in the database.

How can I re-open a session on this computer?
I lost the local admin password, so I cannot remove PC1 from the domain and reintegrate it in the domain.
2 Solutions
It is not possible to re-authenticate XP PC1 to the network unless you log in locally with an account that has admin privileges so that you can set the PC to a workgroup, then back to the domain.

You'll need to focus your effort on getting back that local account instead of on the server side. There's nothing that can happen there.

Here's a great article that gives you multiple options to recover that admin account.


Good luck.
Hi, first thing to try:
Unplug the computer from the network; this way it will allow you to log on with cached passwords.
If you are able to log in with an administrator account this way, reset the local admin password and re-enter the PC to the domain.

Alternatively, reset the admin password using a boot CD.
Offline NT Password and Registry editor:

A part of UBCD:

If you can get your hands on it: ERD Commander 2005
Remove the computer from Active Directory. Then, from the computer having the issue, remove it from the domain (add to a workgroup). Restart it. Add it back to the domain, then restart. Should be good after that.
Bruno PACI (IT Consultant) Commented:

Recreating a computer account with the same name is not sufficient... The computer account must be "signed" by the computer itself.
This occurs when you reinsert the computer in the domain... that means that you need to log on to the computer with a local administrator account, disjoin the computer from the domain by configuring it in a workgroup, and join the domain again...

What you can also try, if by any chance cached credentials are enabled on your computer, is:

1) Shut down your computer.
2) Unplug the network cable.
3) Switch on your computer.
4) Try to log on with your usual domain account.

If the cached credentials are still available you have a chance to log on even if the computer cannot join a domain controller... Otherwise you must find the local admin password or use a tool like "locksmith" on a bootable CD to erase the administrator password.

If you succeed in logging on using the cached credentials, the first thing to do is to create a local account with the password of your choice and make it a member of the "Administrators" local group, or reset the password of the local admin account.
After that you can disjoin the domain, reboot, log on again with the local admin account, rejoin the domain...

In fact, when a computer joins a domain, it sets a password on the computer's domain account. The computer remembers this password but there is no way to obtain this password. There is no way to know or to force the password used by the computer to "sign" its domain account.
In addition, the computer account password expires every 30 days and is then automatically changed by the computer.

Have a good day.
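
The 30-day rotation described in the comment above gives an administrator something to check: a computer account whose password was last set well beyond that interval has not rotated on schedule. The following is an added example, not part of the original thread; it assumes a directory export of (sAMAccountName, pwdLastSet) pairs, and the 15-day grace period and the status names are assumptions chosen for illustration.

```python
from datetime import datetime, timedelta, timezone

# AD stores pwdLastSet as a Windows FILETIME: 100-ns ticks since 1601-01-01 UTC.
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
ROTATION_DAYS = 30   # rotation interval stated in the thread
GRACE_DAYS = 15      # assumed slack for machines that were simply powered off


def filetime_to_datetime(ticks):
    """Convert a FILETIME tick count to an aware UTC datetime."""
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)


def datetime_to_filetime(dt):
    """Inverse conversion, used here only to build the constructed sample."""
    delta = dt - FILETIME_EPOCH
    return (delta.days * 86400 + delta.seconds) * 10_000_000 + delta.microseconds * 10


def classify(accounts, now):
    """Map each computer account to 'unset', 'current', 'late' or 'stale'."""
    report = {}
    for name, pwd_last_set in accounts:
        if pwd_last_set == 0:
            report[name] = "unset"      # no timestamp recorded on the account
            continue
        age = now - filetime_to_datetime(pwd_last_set)
        if age <= timedelta(days=ROTATION_DAYS):
            report[name] = "current"
        elif age <= timedelta(days=ROTATION_DAYS + GRACE_DAYS):
            report[name] = "late"       # may just have been offline
        else:
            report[name] = "stale"      # candidate for a disjoin/rejoin check
    return report


# Constructed sample: (sAMAccountName, pwdLastSet) pairs as an export might list them.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
SAMPLE = [
    ("PC1$", datetime_to_filetime(NOW - timedelta(days=200))),
    ("PC2$", datetime_to_filetime(NOW - timedelta(days=12))),
    ("PC3$", datetime_to_filetime(NOW - timedelta(days=40))),
    ("PC4$", 0),
]

if __name__ == "__main__":
    for name, status in classify(SAMPLE, NOW).items():
        print(f"{name:6} {status}")
```

A "stale" result is an indicator to investigate, not proof of a broken machine account: a computer that has been switched off for months shows the same age.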
gadsad (Author) Commented:
Thanks to all.