

Hope this post finds you in good health and spirits. Today we will discuss a very common error and its troubleshooting. You must have seen the “The trust relation between this workstation and primary domain failed” error multiple times. How do you solve the problem? Rejoin the client computer to the domain? This is not a good idea. For the answer, keep reading.

Every client in a domain has a domain account and its own password, just like a user account. This account is created by default in the Computers container. The client computer uses its account and password to authenticate itself to the domain. Computer accounts also reset their passwords for security reasons. By default they reset their password every 30 days.

Note: Computer account password changes are driven by the client computer, not by the domain controller.

There are several circumstances in which the password held by the client computer and the one held by the domain controller can fall out of sync, for example:

- When the computer is off the network for more than 30 days (the default password age).
- You restored your machine from an old backup.
- You reset the computer account from the domain controller.

For any of these reasons you get the error mentioned above.

To solve this problem, many admins rejoin the client computer to the domain. This works, but it is not a good idea because it is a time-consuming affair. A single machine can take in excess of 10 minutes, so what if we need to do the same on multiple computers? A whole day's activity. Duh! Here are two solutions which can solve the problem without rejoining the domain.

Using PowerShell: If you are using PowerShell 2.0 or above, log in to your client computer using a local admin account and run this command:

    Reset-ComputerMachinePassword -Server <domain controller> -Credential <user account>

Credential should be a user account with permission to reset the computer account. Server is the domain controller. The command will prompt for the password of the account, so provide it.

You may also use the Test-ComputerSecureChannel command. This command checks the trust relation between the local computer and the domain. Ideally its result should be True, but in the event of an error you will get False as the result.

This command resets the secure channel between the local computer and its domain. There is no need to restart your client machine either.

Using Netdom: This is another method for resetting the account, for legacy machines. If you don’t have support for PowerShell 2.0 then you can use Netdom. This method is beautifully described here:

But what to do if the company has a lot of roaming users who seldom come to the office? When they come in, the help desk will be getting calls with the same error, for the reason discussed earlier in this post. Won’t it be better to disable the password reset or at least increase the duration? This will be helpful as we won’t get the error at all. If you also think so, here is the solution.

You can configure the password reset duration or settings by registry or by GPO policy.

Registry:

    HKLM\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters

- DisablePasswordChange (default off) prevents the client computer from changing its computer account password.
- MaximumPasswordAge (default 30 days) determines when the computer password needs to be changed.

GPO:

    Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

- Domain member: Disable machine account password changes
- Domain member: Maximum machine account password age

Change it to whatever number of days you think may be enough.
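The check-then-repair sequence and the two Netlogon registry values described in this post, combined in one script. This is an added example, not code from the original post; the function names, the `RotationWeakened` flag and the domain controller name in the usage comment are assumptions, and it assumes Windows PowerShell 3.0 or later so that `-Credential` is available on both cmdlets.

```powershell
# Added example, not from the original post. Run elevated in Windows PowerShell
# on the domain-joined client. Function names are hypothetical.

function Get-NetlogonValue($Props, [string]$Name, [int]$Default) {
    # A value missing from the registry means the built-in default applies.
    $v = $Props.PSObject.Properties[$Name]
    if ($v) { [int]$v.Value } else { $Default }
}

function Get-MachinePasswordPolicy {
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
    $props = Get-ItemProperty -Path $key -ErrorAction Stop
    $disabled = Get-NetlogonValue $props 'DisablePasswordChange' 0
    $maxAge   = Get-NetlogonValue $props 'MaximumPasswordAge' 30
    New-Object PSObject -Property @{
        DisablePasswordChange  = [bool]$disabled
        MaximumPasswordAgeDays = $maxAge
        # Flag machines whose account password never rotates, or rotates
        # less often than the 30-day default, so they can be inventoried.
        RotationWeakened       = ($disabled -ne 0) -or ($maxAge -gt 30)
    }
}

function Repair-DomainTrust {
    param(
        [Parameter(Mandatory = $true)][string]$DomainController,
        [Parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]$Credential
    )
    # 1. Check first: True means the secure channel is fine, change nothing.
    if (Test-ComputerSecureChannel -Server $DomainController) { return 'Healthy' }
    # 2. Try to repair the secure channel in place (no reboot, no rejoin).
    if (Test-ComputerSecureChannel -Repair -Server $DomainController -Credential $Credential) {
        return 'Repaired'
    }
    # 3. Fall back to resetting the machine account password, then re-test.
    Reset-ComputerMachinePassword -Server $DomainController -Credential $Credential
    if (Test-ComputerSecureChannel -Server $DomainController) { 'PasswordReset' } else { 'Failed' }
}

# Read-only report of the current settings on this machine.
Get-MachinePasswordPolicy

# Repair call; 'dc01.example.test' is a placeholder domain controller name.
# Repair-DomainTrust -DomainController 'dc01.example.test' -Credential (Get-Credential)
```

Running `Get-MachinePasswordPolicy` across the fleet shows which machines have had rotation disabled or lengthened, which is worth tracking because a machine account password that never changes stays valid indefinitely if it is ever extracted from the client.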
