Netdom 恢复机器秘密

Netdom 恢复机器秘密

我有许多虚拟机已经超过一个月没有打开了,还有一些虚拟机已经回滚到较早的状态。它们是域的成员,并且其机器机密已过期;因此无法再与域进行身份验证。

Event Type:             Warning
Event Source:          LSASRV
Event Category:      SPNEGO (Negotiator) 
Event ID:  40960
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
The Security System detected an authentication error for the server ldap/iceland.icelava.home.
The failure code from authentication protocol Kerberos was "The attempted logon is invalid.
This is either due to a bad username or authentication information.

 (0xc000006d)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c000006d  


Event Type:             Warning
Event Source:          LSASRV
Event Category:      SPNEGO (Negotiator) 
Event ID:  40960
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
The Security System detected an authentication error for the server cifs/iceland.icelava.home.
The failure code from authentication protocol Kerberos was "The attempted logon is invalid.
This is either due to a bad username or authentication information.

 (0xc000006d)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c000006d


Event Type:             Error
Event Source:          NETLOGON
Event Category:      None
Event ID:  3210
Date:                       14/05/2009
Time:                       10:24:54 AM
User:                        N/A
Computer:              TFS2008WDATA
Description:
This computer could not authenticate with \\iceland.icelava.home,
a Windows domain controller for domain ICELAVA, and therefore this computer might deny logon requests. This inability to authenticate
might be caused by another computer on the same network using the same name or the password for this computer account is not recognized.
If this message appears again, contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: c0000022

因此我尝试使用 netdom 将机器重新注册到域

C:\Documents and Settings\Administrator>netdom reset tfs2008wdata
/domain:icelava /UserO:enterpriseadmin /PasswordO:mypassword
Logon Failure: The target account name is incorrect.

The command failed to complete successfully.

但还没有成功。我想知道还需要做什么?

答案1

我通常不使用 Netdom 进行这种类型的恢复。假设计算机帐户仍存在于域中,我只是暂时将计算机移至工作组,然后在重新启动之前将其移回域。这总是比找出正确的 Netdom 命令和语法更快。

答案2

您甚至不需要经历这些麻烦。右键单击 Active Directory 用户和计算机中的计算机帐户,然后选择重置帐户。太棒了!

相关内容