?
Solved

Event ID:      5722

Posted on 2013-11-21
3
Medium Priority
?
817 Views
Last Modified: 2013-11-21
Get following error on dc.
Also get error when I try to remote in to computer (AP24-PC) using my log me in pro.

error (login): the trust relationship between this workstation and the primary domain failed. (1789)

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5722
Date:            11/21/2013
Time:            12:59:21 PM
User:            N/A
Computer:      SERVER
Description:
The session setup from the computer AP24-PC failed to authenticate. The name(s) of the account(s) referenced in the security database is AP24-PC$.  The following error occurred:
Access is denied.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 22 00 00 c0               "..À
0
Comment
Question by:jyoung127
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 14

Accepted Solution

by:
Zac Harris earned 900 total points
ID: 39666932
There are many different ways to fix this issue. Here are two I use:

Quick n Dirty:
Unjoin the computer from the domain then rejoin the computer to the domain.

Powershell:
Reset-ComputerMachinePassword [-Credential <PSCredential>] [-Server <String>]

HTH
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 900 total points
ID: 39667113
In a Microsoft Windows domain, starting with Windows 2000, a discrete communication channel helps provide a more secure communication path between the domain controller and the member servers or workstations. This channel is known as a secure channel. When you join a computer to a domain, a computer account is created, and a password is shared between the computer and the domain controller. By default, this password is changed every 30 days. The secure channel's password is stored together with the computer account on the primary domain controller (PDC). The password is replicated to all replica domain controllers.
The error basically occurs due to duplicate/conflicting object in the AD as well as DNS causing machine is not able to refresh its password end up in broken secure channel.
Means actual computer password and one stored on domain controller do not match and simply domain controller rejects the autheticatin request.
http://support.microsoft.com/kb/810977

You can do below as simplest method
Reset affected computer account on domain controller
Disjoin affected computer to workgroup and reboot
join workgroup computer to domain again and reboot
Post reboot logon with domain account and check if below commands are working
Go to run and enter %logonserver%    - this should resolve to local \ authenticating DC
Go to cmd and enter nltest /dsgetdc:domain.com
nslookup should resolve to local \ autheticating DC

Mahesh
0
 

Author Comment

by:jyoung127
ID: 39667208
Thank you for your response I figured I had to dis oin it from domain I was looking to see if there was an easier way but I think that sounds to me like that will be the easiest way.

Thank you all
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month15 days, 15 hours left to enroll

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question