Solved

Failed to authenticate with \\<computer name>, a Windows NT domain controller for domain

Posted on 2012-04-11
3
663 Views
Last Modified: 2012-04-30
Hey

Some of our computers gets the following error: (Windows ThinPC)

Event ID: 3210Source: NETLOGON
Type: Error
Description:
Failed to authenticate with \\<computer name>, a Windows NT domain controller for domain <domain name>.

If we rejoin the computers - they work again.

But why? (no other computers has taken the computername)
0
Comment
Question by:mikeydk
  • 2
3 Comments
 
LVL 10

Expert Comment

by:Prashant Girennavar
ID: 37836322
This is mainly due to secure channel broken between the workstation and the domain.

When you unjoin and rejoin the computer , computer account passowrd will get reset and it will in sync with Active directory.

I would recommand you to go through below link to understand this better.

http://social.technet.microsoft.com/wiki/contents/articles/9157.trust-relationshitp-between-workstation-and-primary-domain-failed-en-us.aspx

Also refer below link which explains this behvaiour in detail.

http://support.microsoft.com/default.aspx?scid=kb;en-us;555038
http://eventid.net/display.asp?eventid=3210&eventno=1115&source=NETLOGON&phase=1

Regards,

_Prashant_
0
 

Author Comment

by:mikeydk
ID: 37836353
Is there any way to see if the SID on the Computeraccount in the AD equls the SID on the local computer?
0
 
LVL 10

Accepted Solution

by:
Prashant Girennavar earned 500 total points
ID: 37836421
A computer's SID is stored in the Registry's SECURITY hive under SECURITY\SAM\Domains\Account.

On AD there are mutiple ways

1.Login to domain controller---->launch ADSIEdit---->Go to the path where computer object is stored---->Properties---->Attribute editor------->SID

2. You can use below command line to get the computer SID,

dsquery * -filter "(objectcategory=computer)" -attr objectsid (Run this on DC)

3.Or you can use Joe's Adfine Tool.

adfind -default -f objectcategory=computer objectsid

Regards,

_Prashant_
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question