AD and computer account

Hello,

Windows server 2003 SP1, domain controller

A computer account PC1 has been deleted some time ago
The XP PC1 computer cannot open a server session. It is normal

I recreated in AD the computer account PC1 and it still does not work. Not possible to open a server session
It gives the classic message: the domain cannot be found of the computer account does not exist

in event viewer of the server it logs a netlogon error ID 5722
that the computer PC1 cannot be found in the database

How can I re-open a session in this computer ?
I lost the local admin password, so I cannot remove the PC1 form the domain and reintegrate it in the domain.
gadsadAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mordillo98Commented:
It is not possible to re-authenticate XP PC1 to the network unless you log in locally with an account that has admin privileges so that you can setup the PC to WorkGroup, then back to Domain.

You'll need to focus your effort to get back that local account instead of the server side.  There's nothing that can happen there.

Here's a great article that gives you multiple option to recover that admin account.

http://www.petri.co.il/forgot_administrator_password.htm

Good luck.
0
KyoshCommented:
Hi, first thing to try:
Unplug the computer from the network, this way it will allow you to log on with cached passwords.
If you are able to log in with an administrator account this way reset the local admin password and re-enter the PC to the domain.

Alternatively, reset the Admin Password using a boot-cd.
Offline NT Password and Registry editor:
http://pogostick.net/~pnh/ntpasswd/

A part of UBCD:
http://www.ultimatebootcd.com/

If you can get your hands on it: ERD Commander 2005
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
digaratiCommented:
Remove computer from active directory.  Then computer from the computer having the issue, remove it from the domain (add to a workgroup).  Restart it.  Add it back to the domain then restart. Should be good after that.
0
Bruno PACIIT ConsultantCommented:
Hi,

Recreate a computer account with the same name is not sufficient... The computer account must be "signed" by the computer itself.
This occurs when you reinsert the computer in the domain... that means that you need to log on the computer with a local administratir account, disjoin the computer from the domain by configure it in a workgroup, and join back the domain...

What you can also try, if by any chance the cache credential is enable on your computer, is:

1) shutdown your computer.
2) unplug the network wire.
3) swith on your computer.
4) try to log on with your usual domain account.

If the cache credential is still available you have a chance to log on even if the computer can not join a domain controller... Else you must found the local admin password or use some tools like "locksmith" on a bootable CD to erase the administrator password.

If you success to log on using the cache credential, the first thing to do is to create a local account with the password of you choice and make it member of "Administrators" local group, or reset the password of the local admin account.
After that you can disjoin the domain, reboot, relog with local admin account, rejoin the domain...

In fact, when a computer joins a domain, it sets a password on the computer domain account. The computer remembers this password but there is no way to obtain this password. There is no way to know or to force the password used by the computer to "sign" its domain account.
Add to that, the computer account password expires every 30 days and is then automatically changed by the computer.


Have a good day.
0
gadsadAuthor Commented:
thanks to all
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.