We help IT Professionals succeed at work.

I keep getting this error on my 2008 r2 server

Frank Stellato
on
The session setup from computer 'TESTBOARD-PC' failed because the security database does not contain a trust account 'TESTBOARD-PC$' referenced by the specified computer.  

USER ACTION  
If this is the first occurrence of this event for the specified computer and account, this may be a transient issue that doesn't require any action at this time.  If this is a Read-Only Domain Controller and 'TESTBOARD-PC$' is a legitimate machine account for the computer 'TESTBOARD-PC' then 'TESTBOARD-PC' should be marked cacheable for this location if appropriate or otherwise ensure connectivity to a domain controller  capable of servicing the request (for example a writable domain controller).  Otherwise, the following steps may be taken to resolve this problem:  

If 'TESTBOARD-PC$' is a legitimate machine account for the computer 'TESTBOARD-PC', then 'TESTBOARD-PC' should be rejoined to the domain.  

If 'TESTBOARD-PC$' is a legitimate interdomain trust account, then the trust should be recreated.  

Otherwise, assuming that 'TESTBOARD-PC$' is not a legitimate account, the following action should be taken on 'TESTBOARD-PC':  

If 'TESTBOARD-PC' is a Domain Controller, then the trust associated with 'TESTBOARD-PC$' should be deleted.  

If 'TESTBOARD-PC' is not a Domain Controller, it should be disjoined from the domain.
Comment
Watch Question

Neil RussellTechnical Development Lead

Commented:
You do exactly as it says. You have a computer by that name on your network that has no domain account. You need to find the PC and join it to a workgroup and then rejoin the domain again.
This should correct the problem.

Author

Commented:
Tried that twice didn't work
Is your Windows 2008 server a domain controller?  If so, try this:

1.  Go to the machine named "Testboard-PC" and join a workgroup.  Give the workgroup a different name (NOT the same as the domain name). This will unjoin the workstation from the domain.  Then reboot the computer.
2.  Go to the domain controller, open AD Users and Computers.  Go to the OU that contains your computers (will be named "Computers" if you're using the default), and delete any objects for "Testboard-PC."
3.  Go back to the Testboard-PC workstation and rejoin the domain.  Reboot again.

Author

Commented:
Thanks hypercat that worked.   I didn't even think about deleting the Testboard-PC from the Domain controller.
Most people don't because theoretically the computer account is supposed to be deleted automatically when you unjoin the domain.  But over the years I've found that it doesn't get deleted sometimes, and this causes the issue that you described. I routinely check the ADUC after unjoining workstations from the domain just to be sure.