Computer account missing from AD

Megadeth4168Megadeth4168 Member Posts: 2,157
in Off-Topic
So, I've had 2 separate issues that have involved me having to disjoin the domain and rejoin.

One computer earlier this week was giving me error whenever a user attempted to log in to the domain... I reset the computer account but that did not help. This was a Windows XP Pro computer that has been on the domain for over 1 year.

Another issue that just happened today was a Windows 2000 Pro user complained that they were getting an error logging in. I went up and tried my domain admin user and got the same error. So I took a look in AD and the computer was missing! I had to log on with a local account, disjoin then rejoin the domain. Which of course gave me an error while dis joining saying that it could not disable the computer account.

I verified that no one had been making any changes in AD. So, what can make a computer account disappear from AD like that? I've never ran across this.
www.lukeacha.com
· Share on FacebookShare on Twitter

Comments

  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Megadeth4168 wrote:
    One computer earlier this week was giving me error whenever a user attempted to log in to the domain...

    What was the error? Any clue in the event logs on the computer or DC?

    Megadeth4168 wrote:
    Another issue that just happened today was a Windows 2000 Pro user complained that they were getting an error logging in. I went up and tried my domain admin user and got the same error. So I took a look in AD and the computer was missing! I had to log on with a local account, disjoin then rejoin the domain. Which of course gave me an error while dis joining saying that it could not disable the computer account.

    I verified that no one had been making any changes in AD. So, what can make a computer account disappear from AD like that? I've never ran across this.

    How did you verify? Asking people? I think it's most likely an error by an administrator. It's easy to accidentally click on something in ADUC and mess something up. Sometimes people realize they screwed up but are too embarrassed to admit it. You can check the security event logs on the DC to see if someone did delete that computer account.
    All things are possible, only believe.
    · Share on FacebookShare on Twitter
  • Megadeth4168Megadeth4168 Member Posts: 2,157
    Sorry, should have elaborated. I verified by checking the logs and by asking the only other person who has the ability to make changes... My boss.
    www.lukeacha.com
    · Share on FacebookShare on Twitter
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    You didn't give any details on the first problem, but it sounds like this "workstation trust" problem that seems to come up from time to time. On the Domain Controller's event log you would see a Netlogon error about the computer account not being trusted or something to that effect, and the fix is to disjoin and rejoin. I haven't spent enough time researching that particular problem to find the real cause of it.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
    · Share on FacebookShare on Twitter
Sign In or Register to comment.