If you have a computer that cannot connect to the domain you might see the following error logged in the Windows System Event Log:
Windows Event ID: 5722
Message: The session setup from the computer <NAME>. failed to authenticate. The name(s) of the account(s) referenced in the security database is <NAME>. The following error occurred:
Access is denied.
This can happen because the computer in question has been powered off, taken offline, or otherwise disconnected from your domain controllers for more than 30 days.
Put simply, when a computer joins a corporate domain, a secret password is shared between the domain controller and that PC. That password is updated every 30 days, so if your computer is offline for more than 30 days it is going to lose its trust relationship with the domain.
The easiest way to fix this is simply to have the computer rejoin the domain by changing the domain name in ADVANCED SETTINGS. For instance, if my domain was URTECH.LOCAL I would remove the .LOCAL and have it attempt to join URTECH.
Microsoft words it this way:
…The secure channel’s password is stored together with the computer account on the primary domain controller (PDC). The password is replicated to all replica domain controllers.
Event 5722 is logged in the following scenarios:
- When a computer updates its computer account password with a domain controller, the event is logged in the system log of the authenticating domain controller. In this scenario, the computer’s secure channel with the authenticating domain controller is still valid.
- When you join a computer to a domain by using a name that is already in use by another computer, or when an existing computer account is reset. An existing computer account may be reset by using Active Directory Users and Computers or by using the Netdom.exe utility. In this scenario, the computer’s account password does not match the password on the domain controller, and you cannot set a secure channel from the original computer to the domain controller.
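To tie the two halves of the post together (the 30-day machine password described above and the two scenarios Microsoft lists), here is an added PowerShell example that is not from the original post or from Microsoft. It finds recent 5722 events on a domain controller, shows when the affected computer's machine password was last set in AD, and then tests and repairs the secure channel from the affected computer with the built-in Test-ComputerSecureChannel cmdlet, which resets the shared password on both sides without the remove-and-rejoin step. Assumptions: the DC name DC01 and computer name WORKSTATION01 are placeholders, step 2 needs the RSAT ActiveDirectory module, and step 3 must run as a local administrator on the affected computer with a domain account that may reset that computer object.

```powershell
# Added example (not from the original post or from Microsoft).
# Placeholders: DC01 and WORKSTATION01 are assumed names; replace them.

# --- 1. On (or against) a domain controller: list recent 5722 events in the System log ---
$Dc    = 'DC01'                       # placeholder domain controller name
$Since = (Get-Date).AddDays(-7)       # look back one week
Get-WinEvent -ComputerName $Dc -FilterHashtable @{ LogName = 'System'; Id = 5722; StartTime = $Since } |
    Select-Object TimeCreated, @{ n = 'Message'; e = { $_.Message -replace '\s+', ' ' } } |
    Format-Table -AutoSize -Wrap

# --- 2. How old is the machine account password in AD? (default rotation: 30 days) ---
# Requires the RSAT ActiveDirectory module (assumption: it is installed).
$PcName = 'WORKSTATION01'             # placeholder name for the affected computer
Import-Module ActiveDirectory
$acct = Get-ADComputer -Identity $PcName -Properties PasswordLastSet
$age  = (Get-Date) - $acct.PasswordLastSet
'{0}: machine password last set {1:yyyy-MM-dd} ({2} days ago)' -f $acct.Name, $acct.PasswordLastSet, [int]$age.TotalDays

# --- 3. On the affected computer: test the secure channel and repair it if broken ---
# Test-ComputerSecureChannel returns $true when the channel is healthy.
# With -Repair it resets the machine account password on the client and in AD,
# which is the same end result as the rename-and-rejoin method in the post.
if (Test-ComputerSecureChannel -Verbose) {
    'Secure channel to the domain is healthy; no repair needed.'
} else {
    $DomainCred = Get-Credential -Message 'Domain account allowed to reset this computer object'
    if (Test-ComputerSecureChannel -Repair -Credential $DomainCred -Verbose) {
        'Secure channel repaired. Log off and back on so the computer uses the new password.'
    } else {
        'Repair failed; fall back to removing the computer from the domain and rejoining it.'
    }
}
```

Step 1 is where you would look first on the DC: a single 5722 for a machine that just came back online matches Microsoft's first (harmless) scenario, while repeated 5722 entries for the same name point at the second scenario, a password mismatch or a duplicate computer name, which is what step 3 fixes.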