[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Why these workstations were not able find the DC?

Posted on 2014-03-16
2
Medium Priority
?
141 Views
Last Modified: 2014-03-24
This is using a MS Windows 2003 AD domain. As for the workstations, there are XP, Win7, and little bit on Win8. Once in a while, the problem of workstation not able to logon to the domain occurs. Please see the error message in details:

 EventID: 5722
    Source: Netlogon

    Problem Descriptions:
    The session setup by the computer ACCT_EXEC1_PC failed to authenticated.
    The name(s) of the account(s) referenced in the security database
    is wks77_PC$. The following errors occurred:

    Access is denied    

I heard that this is because the password of the computer account reset and some how, it wasn't recognized by the DC. The only way I can do is to disjoin this workstation, and then re-join it back. This method works, but still, this is not the right method right? Any way to solve the problem once and for all?

Thanks!
0
Comment
Question by:MichaelBalack
2 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 2000 total points
ID: 39932687
Hi,

This setting can be changed by "Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Domain member: Maximum machine account password age" using Local computer policies or domain GPOs.

Note:
If you increase this interval to 0 so that the computers no longer change their passwords, an attacker will have more time to undertake a brute force attack to guess the password of one or more computer accounts. if you dont think you have such threat then you can change it.
0
 
LVL 1

Author Closing Comment

by:MichaelBalack
ID: 39949703
okay
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Integration Management Part 2
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question