Netdom to restore machine secret

active-directory

I have a number of virtual machines that have not been switched on for over a month, and some others which have been rolled back to an older state. They are members of a domain, and their machine secrets have expired, so they are no longer able to authenticate with the domain.

Event Type:             Warning
Event Source:          LSASRV
Event Category:      SPNEGO (Negotiator) 
Event ID:  40960
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
The Security System detected an authentication error for the server ldap/iceland.icelava.home.
The failure code from authentication protocol Kerberos was "The attempted logon is invalid.
This is either due to a bad username or authentication information.

 (0xc000006d)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c000006d  


Event Type:             Warning
Event Source:          LSASRV
Event Category:      SPNEGO (Negotiator) 
Event ID:  40960
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
The Security System detected an authentication error for the server cifs/iceland.icelava.home.
The failure code from authentication protocol Kerberos was "The attempted logon is invalid.
This is either due to a bad username or authentication information.

 (0xc000006d)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c000006d


Event Type:             Error
Event Source:          NETLOGON
Event Category:      None
Event ID:  3210
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
This computer could not authenticate with \\iceland.icelava.home,
a Windows domain controller for domain ICELAVA, and therefore this computer might deny logon requests. This inability to authenticate
might be caused by another computer on the same network using the same name or the password for this computer account is not recognized.
If this message appears again, contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c0000022

So I try to use netdom to re-register the machine back into the domain:

C:\Documents and Settings\Administrator>netdom reset tfs2008wdata /domain:icelava /UserO:enterpriseadmin /PasswordO:mypassword
Logon Failure: The target account name is incorrect.

The command failed to complete successfully.

But I have not been successful. I wonder what else needs to be done?

Best Answer

I usually don't use Netdom for this type of recovery. Assuming the computer account is still present in the domain, I just temporarily move the computer to a workgroup and then, before a restart, move it back into the domain. This is always quicker than figuring out the proper Netdom commands and syntax.
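The two repair paths discussed on this page (an in-place machine password reset, as netdom attempts in the question, and the workgroup-and-rejoin approach in the answer), as an added PowerShell example that is not part of the question or the answer. It assumes Windows PowerShell 3.0 or later on the affected member, a credential allowed to reset computer objects, and uses the domain and domain controller names that appear in the event logs above.

```powershell
# Added example: diagnose and repair a broken machine-account secure channel.
# Assumes Windows PowerShell 3.0+ on the affected domain member.
param(
    [string]$Domain = 'icelava.home',          # domain named in the question
    [string]$Server = 'iceland.icelava.home'   # DC named in the NETLOGON/LSASRV events
)

$cred = Get-Credential -Message "Account allowed to reset computer objects in $Domain"

# 1. Show the evidence of the broken trust: the NETLOGON 3210 and LSASRV 40960
#    events from the question, so the failure is confirmed before anything is changed.
Get-EventLog -LogName System -Newest 100 |
    Where-Object { $_.Source -in 'NETLOGON','LSASRV' -and $_.EventID -in 3210,40960 } |
    Select-Object TimeGenerated, Source, EventID, Message |
    Format-Table -AutoSize -Wrap

# 2. Verify the secure channel to the named DC. A healthy channel means the
#    machine secret is still in sync and nothing below should be run.
if (Test-ComputerSecureChannel -Server $Server) {
    Write-Host "Secure channel to $Server is healthy; no repair needed."
    return
}

# 3. In-place repair: resets the computer account password on both the member
#    and the DC without leaving the domain and without a reboot.
if (Test-ComputerSecureChannel -Server $Server -Repair -Credential $cred) {
    Write-Host 'Secure channel repaired in place.'
    return
}

# 4. Fallback, equivalent to the accepted answer: drop to a workgroup and
#    rejoin the domain, restarting only once at the end.
Write-Warning 'In-place repair failed; falling back to workgroup and rejoin.'
Remove-Computer -UnjoinDomainCredential $cred -WorkgroupName 'WORKGROUP' -Force
Add-Computer -DomainName $Domain -Credential $cred -Restart
```

Step 3 requires the computer account to still exist in the domain, the same precondition the answer states for the workgroup method; if the account has been deleted, only a fresh join (step 4) recreates it.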