• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 142
  • Last Modified:

Why these workstations were not able find the DC?

This is using a MS Windows 2003 AD domain. As for the workstations, there are XP, Win7, and little bit on Win8. Once in a while, the problem of workstation not able to logon to the domain occurs. Please see the error message in details:

 EventID: 5722
    Source: Netlogon

    Problem Descriptions:
    The session setup by the computer ACCT_EXEC1_PC failed to authenticated.
    The name(s) of the account(s) referenced in the security database
    is wks77_PC$. The following errors occurred:

    Access is denied    

I heard that this is because the password of the computer account reset and some how, it wasn't recognized by the DC. The only way I can do is to disjoin this workstation, and then re-join it back. This method works, but still, this is not the right method right? Any way to solve the problem once and for all?

Thanks!
0
MichaelBalack
Asked:
MichaelBalack
1 Solution
 
Santosh GuptaCommented:
Hi,

This setting can be changed by "Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Domain member: Maximum machine account password age" using Local computer policies or domain GPOs.

Note:
If you increase this interval to 0 so that the computers no longer change their passwords, an attacker will have more time to undertake a brute force attack to guess the password of one or more computer accounts. if you dont think you have such threat then you can change it.
0
 
MichaelBalackAuthor Commented:
okay
0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now