HP thin clients losing domain trust.

I've recently accepted a position as IT manager for a company whose network infrastructures is a train wreck. I have approximately 200 HP thin clients running Windows7 imbedded.  I have several each week that lose the trust  with the domain.  They are all scattered through several OUs mixed with standard machines.  AD has practically no structure but I can't make time to clean it up because of the thin clients losing their trust relationship.

I need to know the best way to deal with these thin clients?

Marshall
MwvarnerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Scott GorcesterCTOCommented:
Do you have the write filter permanently disabled. If not the thin clients will not permit an AD SID change and every thirty days they will lose their domain membership. Its controversial to join thin clients to AD but if you disable the write filter it is possible. I have run many thin clients and in some cases joined them to the domain with reasonable stability.

MooseSupport
0
MwvarnerAuthor Commented:
I ran the fbwfmgr.exe on one of the clients and the status was disabled.  I tried to enable it and add exceptions for the c: drive and the regfdata which is what another post I found online said to do.  When I did that I couldn't even rejoin the domain.  Maybe I didn't do something correctly but I reversed the changed and rejoined the domain.  

I've also seen several post on changing the Maxage using a GPO but the machines are scattered through out AD and mixed in with fat clients that I'm not sure how i'd change that without changing that for everyone.

Is there a way to change the max age on the client itself without using a domain GPO?

Marshall
0
Scott GorcesterCTOCommented:
what model thin clients are these?

MooseSupport
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

MwvarnerAuthor Commented:
They are HP Thin clients. I think they are model T5740.
0
Scott GorcesterCTOCommented:
I see some recent posts that this issue may not be fixable. My past experience is that permanently disabling the write filter fixes this. Is there some reason you require these to be domain members? I will see if I can come up with a solution you might also try opening a support case with HP.

MooseSupport
0
Scott GorcesterCTOCommented:
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.