Windows 7 workstations intermittently give the error : "The security database on the server does not have a computer account for this workstation trust relationship"

Hello All,

This error comes up from time to time on Windows 7 machines logging on to a Windows 2003/Windows 2008 R2 infrastucture. Cutting off the net access and then logging in using the cached password fixes it for a few months only. I have done the remove and rejoin thing , Computer attributes (SPN and DNS name are identical to the full computer name on the machine) . Is there any way to stop this from happening ?

Thanks for any help on this.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

When this happens what we do is

1. remove the PC from domain, restart
2. rename the PC, restart
3. rejoin to domain, restart

Some say that you don't need all of the restarts but for us that is what works.

When that doesn't work, what we do is when we rename the PC we make sure we're using a name that has not been used before.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DavidlocAuthor Commented:
There are 300 computers and I have already tried that as stated in the question. Changing a computer's name does not change the SID. The problem is intermitttent and once it is logged in using the cached info and the the net cable reattached it is good for about 1-3 months before it happens again.
I understood that you rejoined/removed but your post didn't say anything about renaming or restarting. Some people like to make those changes without restarting. Doesn't changing the name create a new computer account?

Also you might want to check dns info with nslookup on the PCs in question, or check your record scavenging because faulty dns records will cause this as well.
DavidlocAuthor Commented:
I have tried this on three of the machines naming them completely different and it seems to be working now. Only time will tell. Thank you for your help
DavidlocAuthor Commented:
I will post a follow up if it comes back on any of the machines recorded as having this done. Seems to be a perm fix for this right now though.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.