locked
Login issue with Windows 7 RRS feed

  • Question

  • Hi, We have configured 2 laptops with Windows 7 operating system and joined the domain at one of our branch offices. Now one of the laptops is kept at our branch office whcih is working fine however the other laptop has been sent to the head office and issues started. When the user logs onto the laptop he gets an error "The security database on the server does not have a computer account for this workstation trust relationship". I have gone through the posts on this site for the same error and tried some steps but did not find any solution for the same. Also, the domain names are the same at the H.O and the branch office so I don't think that could be causing an issue. I have also tried changing the computer name but nothing as of yet. Now windows 7 being a new operating system, I do not have much info on the configuration and settings so I would like to get some advice as to why this error might be occuring. Also, I have a doubt that since this is a mobile user this issue might occur to the other person too when he visits some other office as this is related to logon of the user accounts. Kindly help with these queries

    Thanks & Regards,
    Amit Bhattacharjee

    Tuesday, May 25, 2010 6:23 AM

Answers

  • Unjoin computer from your domain and make it a member of the workgroup.

    Restart computer.

    Join the computer back into your domain.

    Restart computer.

    Your issue may indicate a problem with replication between domain controllers in your head office with domain controllers in branch office(s). You may ask your domain admins to investigate it.

    • Marked as answer by Dale Qiao Wednesday, May 26, 2010 2:21 AM
    Tuesday, May 25, 2010 8:54 AM
  • Correct.  Do what Les says...that's really your only way out of this problem at this time.

    There are a couple reasons you can see this problem...and it has nothing to do with the OS on the computer.

    The most common reason is that someone deleted the Computer Object out of Active Directory.  Thing work fine in the field because everyone is logging in using Cached Credentials (since the machine is never connected to the domain...the "computer" never logs in to the domain).  When you take the computer back to the office and connect it to the network the computer tries to "LOGIN" just like a user account tries to login.  But when the computer fails to login to the network it will not allow any other user accounts to login to that box...even if they had previously logged in.

    The other reason you'll see this...is if the actual Computer Object Password has been changed on one Domain Controller and that change has not been replicated to all of the other DC's.  Same basic issue...the computer will not be able to Login...etc.

    Unjoin/Rejoin and you'll be back in business...but you may want to see if the actual Computer Object is in AD first...so you can narrow down what happened a bit better.

     


    Mike...
    • Proposed as answer by JoeZeppy Tuesday, May 25, 2010 3:20 PM
    • Marked as answer by Dale Qiao Wednesday, May 26, 2010 2:21 AM
    Tuesday, May 25, 2010 11:36 AM

All replies

  • Unjoin computer from your domain and make it a member of the workgroup.

    Restart computer.

    Join the computer back into your domain.

    Restart computer.

    Your issue may indicate a problem with replication between domain controllers in your head office with domain controllers in branch office(s). You may ask your domain admins to investigate it.

    • Marked as answer by Dale Qiao Wednesday, May 26, 2010 2:21 AM
    Tuesday, May 25, 2010 8:54 AM
  • Correct.  Do what Les says...that's really your only way out of this problem at this time.

    There are a couple reasons you can see this problem...and it has nothing to do with the OS on the computer.

    The most common reason is that someone deleted the Computer Object out of Active Directory.  Thing work fine in the field because everyone is logging in using Cached Credentials (since the machine is never connected to the domain...the "computer" never logs in to the domain).  When you take the computer back to the office and connect it to the network the computer tries to "LOGIN" just like a user account tries to login.  But when the computer fails to login to the network it will not allow any other user accounts to login to that box...even if they had previously logged in.

    The other reason you'll see this...is if the actual Computer Object Password has been changed on one Domain Controller and that change has not been replicated to all of the other DC's.  Same basic issue...the computer will not be able to Login...etc.

    Unjoin/Rejoin and you'll be back in business...but you may want to see if the actual Computer Object is in AD first...so you can narrow down what happened a bit better.

     


    Mike...
    • Proposed as answer by JoeZeppy Tuesday, May 25, 2010 3:20 PM
    • Marked as answer by Dale Qiao Wednesday, May 26, 2010 2:21 AM
    Tuesday, May 25, 2010 11:36 AM