none
Logon local user account fails on domain computer.

    Question

  • Hi we have some Windows Embedded 7 laptop that are domain members so we can distribute wlan configuration via GPO.

    The computers have to be domain members to access the Wlan

    Over the past two weeks I've we have had two out of 20 Windows Embedded 7 laptop.

    The computers are configured to autologon with the local user account but suddenly get "The trust relationship between this workstation and the primary domain failed" when I tried to logon with a domain admin since the computers where not able to attach the wlan.

    I changed the Maximum machine account password age to 90 days but it doesn't help. 

    Can the problem be caused since their is no domain user that is logging on that the computer is not able update the computer password?

    Another suggestion I've seen is Disable machine account password change which is not recommended based on security.

    Any suggestions?

    Monday, February 20, 2017 2:49 PM

Answers

  • I think it was a administrator error two computers where marked With the same name so the problem looks two have stopped once one of the computers got a New name
    • Marked as answer by hanspjacobsen Wednesday, March 1, 2017 7:18 AM
    Wednesday, March 1, 2017 7:18 AM

All replies

  • Logging on locally should not be a problem. I'd check that the DC and problem clients are not multi-homed and both have the address of DC for DNS and no others such as router or public DNS on connection properties.

     

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Monday, February 20, 2017 3:52 PM
  • Hi

    Can the problem be caused since their is no domain user that is logging on that the computer is not able update the computer password?>>>> As long as no one has disabled or deleted the computer account, nor tried to add a computer with the same name to the domain, (or some other destructive action), the computer will continue to work no matter how long it has been since its machine account password was initiated and changed.

    Another suggestion I've seen is Disable machine account password change which is not recommended based on security.>>> As you know that's not recommended for security.

    Also check this for details; https://blogs.technet.microsoft.com/askds/2009/02/15/machine-account-password-process-2/


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Monday, February 20, 2017 4:07 PM
  • I think it was a administrator error two computers where marked With the same name so the problem looks two have stopped once one of the computers got a New name
    • Marked as answer by hanspjacobsen Wednesday, March 1, 2017 7:18 AM
    Wednesday, March 1, 2017 7:18 AM