Netdom to restore machine secret

Posted by icelava on Server Fault
Published on 2009-05-14T09:51:02Z Indexed on 2010/05/28 21:02 UTC

I have a number of virtual machines that have not been switched on for over a month, and some others which have been rolled back to an older state. They are members of a domain, and their machine secrets have expired; thus they are unable to authenticate with the domain any longer.

Event Type:             Warning
Event Source:          LSASRV
Event Category:      SPNEGO (Negotiator) 
Event ID:  40960
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
The Security System detected an authentication error for the server ldap/iceland.icelava.home.
The failure code from authentication protocol Kerberos was "The attempted logon is invalid.
This is either due to a bad username or authentication information.

 (0xc000006d)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c000006d  


Event Type:             Warning
Event Source:          LSASRV
Event Category:      SPNEGO (Negotiator) 
Event ID:  40960
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
The Security System detected an authentication error for the server cifs/iceland.icelava.home.
The failure code from authentication protocol Kerberos was "The attempted logon is invalid.
This is either due to a bad username or authentication information.

 (0xc000006d)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c000006d


Event Type:             Error
Event Source:          NETLOGON
Event Category:      None
Event ID:  3210
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
This computer could not authenticate with \\iceland.icelava.home,
a Windows domain controller for domain ICELAVA, and therefore this computer might deny logon requests. This inability to authenticate
might be caused by another computer on the same network using the same name or the password for this computer account is not recognized.
If this message appears again, contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c0000022

So I try to use netdom to re-register the machine back to the domain:

C:\Documents and Settings\Administrator>netdom reset tfs2008wdata
/domain:icelava /UserO:enterpriseadmin /PasswordO:mypassword
Logon Failure: The target account name is incorrect.

The command failed to complete successfully.

But I have not been successful. I wonder what else needs to be done?

© Server Fault or respective owner
