Issue login domain user


I'm having problems with one of the workstations on my domain: it no longer lets anyone log in to the domain, and I can only log in as a local user. This started happening without any changes being made. I can fix it by doing a system restore to a few days ago, but then it happens again after 1 or 2 days. I have tried, on the server side, removing the computer from the list of workstations for the domain and then re-adding it, and also restoring the account, but none of that seems to make any difference. The error message that I get when I can't log in is: error with username or password. I'm using Windows Server 2008, and the workstation with problems has Win XP SP2.
Any help will be much appreciated. Thanks in advance.
Diego_Jaen (Author) Commented:
Hi, I've tried all of the above and it works on some WS and for some users, but then it randomly stops working and the mapped drive is again not accessible. I think the problem is that the domain controller is on one server and the shared folder is on another one. We are migrating, and I think it would be best solved if I just take down the old server and have just the new one doing everything. My question now turns to: what's the easiest way to migrate all users and computers to the new server? All help is greatly appreciated.
Thanks in advance
Brian Pierce (Photographer) Commented:
It sounds like the computer has lost sync with the DC - unjoin the machine from the domain, then add it back again.
Diego_Jaen (Author) Commented:
OK, I have tried removing it from the server, and unjoined the WS from the domain. Then I added both things back. I don't know if I messed up something. Is there a particular order in which I have to do this?
larry urban (DevOps Engineer) Commented:
Yes, don't remove it from the server. Just, from within the WS, change it to be in a workgroup. Reboot, then add it to the domain again. It lost its security cert. Probably was offline/off the domain for more than 30 days.
Brian Pierce (Photographer) Commented:
Demote it to a workgroup - then re-add it to the domain. This behaviour often occurs when a workstation has been restored/reimaged, as clients maintain a computer password with the DC that they change every 30 days. If you restore/reimage the machine then the password is not sync'ed. The DC is expecting the new password and the client gives it the old one.

You can prevent this by setting the policy on the DC Domain Server: Refuse Machine Account Password Changes - see
Diego_Jaen (Author) Commented:
No one gave an answer, and doing this fixed the issue.
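
The computer-password mismatch described in the thread, as an added example that is not part of any participant's post: a simplified Python model of the 30-day rotation, a restore that rolls back only the workstation, the re-join fix, and the DC policy that refuses password changes. It assumes one password per side and one restore point per day; the class names, `simulate` and `WS01` are constructed for illustration.

```python
import secrets
from dataclasses import dataclass, field
ROTATION_DAYS = 30  # rotation interval stated in the thread

@dataclass
class DomainController:
    refuse_password_changes: bool = False  # models the DC policy named in the thread
    machine_pw: dict = field(default_factory=dict)  # computer name -> password the DC expects

    def change_password(self, name, old, new):
        if self.refuse_password_changes or self.machine_pw.get(name) != old:
            return False
        self.machine_pw[name] = new
        return True

@dataclass
class Workstation:
    name: str
    dc: DomainController
    password: str = ""
    last_change: int = 0
    snapshots: dict = field(default_factory=dict)  # day -> saved local state

    def join(self, day):  # joining or re-joining sets a fresh password on both sides
        self.password = self.dc.machine_pw[self.name] = secrets.token_hex(8)
        self.last_change = day

    def tick(self, day):
        self.snapshots[day] = (self.password, self.last_change)  # daily restore point
        if day - self.last_change >= ROTATION_DAYS:
            new = secrets.token_hex(8)
            if self.dc.change_password(self.name, self.password, new):
                self.password, self.last_change = new, day

    def restore(self, day):  # only the workstation is rolled back, not the DC
        self.password, self.last_change = self.snapshots[day]

    def can_log_on(self):
        return self.dc.machine_pw.get(self.name) == self.password

def simulate(refuse, restore_to, days=40):
    """Return (logon works after restore, logon works after re-join)."""
    ws = Workstation("WS01", DomainController(refuse))  # WS01 is a constructed name
    ws.join(0)
    for day in range(1, days + 1):
        ws.tick(day)
    ws.restore(restore_to)
    after_restore = ws.can_log_on()
    ws.join(days)
    return after_restore, ws.can_log_on()
```

In this model, `simulate(False, 25)` restores to a point before the day-30 rotation and the logon fails until the re-join, while `simulate(True, 25)` keeps working because the DC never accepted a new password.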
