Windows Server 2008 R2 Thread, workstations/laptops not communication with DC in Technical; Hello everyone!!
So due to it coming up to the school holidays i have been thinking, laptop/workstations that dont contact ...
25th January 2013, 11:05 AM #1
- Rep Power
workstations/laptops not communication with DC
So due to it coming up to the school holidays i have been thinking, laptop/workstations that dont contact the DC or are turned on in a long period of time (1-2 months) seem to drop off the domain and no one can log back onto them until they are re-added to the domain. now i believe this has something to do with the trust relationship between the computer and DC breaks down or something similar (i could be wrong).
so my question is, can i turn these computers off for 2 months then log on with an AD account when i first turn them on without removing and re-adding to the domain. Can i extend the trust relationship or something like that???
25th January 2013, 11:50 AM #2
If you create the following GPP regedit, this will stop workstations reporting Trust Relationship messages -
I generally only have the problem on wireless rather than wired devices, but you can apply this to both.
Key Path: SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Value name: DisablePasswordChange
Value type: REG_DWORD
Value data: 1 (Hex)
In theory even if you leave machines off for two months or more, it should still work.
Thanks to Michael from:
uffy2000 (26th February 2013)
25th January 2013, 11:54 AM #3
- Rep Power
Muchly Appreciated, ill give this a go!
The previous technician did not add laptops/netbooks to the domain because he kept having to re-add them after the holidays. I knew there was a way to stop or at least postpone this, now i have to add all the netbooks and teacher laptops to the domain after i have added this gem!
Thanks again for the input!
25th January 2013, 12:46 PM #4
25th January 2013, 12:52 PM #5
Woah, why are they dropping off in the first place?
25th January 2013, 01:15 PM #6
The computer password has changed but the domain controllers machine password database hasnt updated. The trust relationship is then broken.
Originally Posted by Tsonga
The link i posted explains it all. It isn't uncommon I dont think.
25th January 2013, 01:33 PM #7
Once again this can often be traced back to DNS/RDNS issues.
Machines that have lingering and obsolete records in DNS will have trouble initiating the secure channel between the host and DC often laptops with netbios names appearing in RDNS zone with multiple IP addresses.
Laptop-001 was once 192.168.1.12 this has not been seen for 2 months, another device has used the IP since but the RDNS record has not been cleaned up. Laptop-001 suddenly reappears as 192.168.1.99 and there are now two or more entries in the RDNS zone or another device is assumed to be Laptop-001.
The machine password change will fail if there are resolution issues, the act of deleting the machine account and rejoining the domain also tend to force DNS registration and updates so this appears to have fixed the problem when in fact it was a DNS issue all along.
99% of AD issues stem from DNS related problems. If there is one part of windows networking that requires almost OCD like attention its DNS keep it clean tidy and up to date many of these type of issues never occur.
Thanks to m25man from:
uffy2000 (26th February 2013)
25th January 2013, 01:52 PM #8
Originally Posted by m25man
The URL I posted from Microsoft on this issue does not mention anything about DNS.....
25th January 2013, 02:07 PM #9
DNS scavenging should sort out the duplicate records in DNS as RTFM said its to do with the passwords databases
Thanks to ict_support from:
By freakyleaks in forum Windows Server 2008
Last Post: 27th August 2009, 04:43 PM
By becktonboy in forum School ICT Policies
Last Post: 7th May 2007, 06:59 AM
By Geoff in forum IT News
Last Post: 3rd March 2007, 04:18 PM
By CM786 in forum Wireless Networks
Last Post: 14th December 2006, 07:14 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)