Если по каким-то причинам такое произошло, есть несколько вариантов решить проблему без процедуры вводавывода ПК из домена
1. Протестировать соединение ПК с доменом можно с помощью команды
C:UsersAdministrator>nltest /query Флаги: 0 Подключение Status = 1787 0x6fb ERROR_NO_TRUST_SAM_ACCOUNT Команда выполнена успешно.
2. При появлении такой ошибки можно выполнить несколько вариантов действий:
I вариант:
netdom Resetpwd /Server:dc1 /UserD:Administrator /PasswordD:*
где dc1 — контролер домена, Administrator — административная учетная запись в домене. Дополнительно можно указать параметр /SecurePasswordPrompt, который указывает выводить запрос пароля в специальной
форме.
Еще с помощью Netdom можно проверить наличие безопасного соединения с доменом:
netdom Verify WKS1 /Domain:mydomain.name /UserO:Administrator /PasswordO:*
Или сбросить учетную запись компьютера:
Netdom Reset WKS1 /Domain:mydomain.name /UserO:Administrator /PasswordO:*
где WKS1 — рабочая станция, которой сбрасываем учетку.
II вариант:
nltest /query - проверить безопасное соединение с доменом; nltest /sc_reset:mydomain.name — сбросить учетную запись компьютера в домене; nltest /sc_change_pwd:mydomain.name — изменить пароль компьютера.
Самый быстрый и доступный способ, ведь утилита Nltest по умолчанию есть на любой рабочей станции или сервере. Однако, в отличие от Netdom, в которой предусмотрен ввод учетных данных, Nltest работает в контексте запустившего ее пользователя. Соответственно, зайдя на компьютер под локальной учетной записью и попытавшись выполнить команду можем получить ошибку доступа.
III вариант:
PowerShell тоже умеет сбрасывать пароль компьютера и восстанавливать безопасное соединение с доменом. Для этого существует командлет
Test-ComputerSecureChannel
Запущенный без параметров он выдаст состояние защищенного канала — True или False.
Для сброса учетной записи компьютера и защищенного канала можно использовать такую команду:
Test-ComputerSecureChannel -Server dc1 -Credential mydomainAdministrator -Repair
где dc1 — контролер домена (указывать не обязательно).
Для сброса пароля также можно также воспользоваться такой командой:
Reset-ComputerMachineChannel -Server dc1 -Credential mydomainAdministrator
Способ быстрый и удобный, не требующий перезагрузки. Но и здесь есть свои особенности. Ключ -Credential впервые появился в PowerShell 3.0. Без этого параметра командлет, запущенный из под локального пользователя, выдает ошибку доступа. Получается что данный метод можно использовать только на Windows 8 и Server 2012, ведь для остальных ОС PowerShell 3.0 пока недоступен.
Как видите, способов восстановления доверительных отношений более чем достаточно. Однако если проблема приобретает постоянный характер, то проще подойти к ее решению с другой стороны.
После успешного завершения выбранных действий, результат выполнения nltest:
C:UsersAdministrator>Nltest /query Флаги: 0 Подключение Status = 0 0x0 NERR_Success Команда выполнена успешно.
Содержание
- Блог дяди Freemanа
- Способы восстановления доверительных отношений между компьютером и контроллером домена
- System Error Codes (1700-3999)
Блог дяди Freemanа
Способы восстановления доверительных отношений между компьютером и контроллером домена
Если по каким-то причинам такое произошло, есть несколько вариантов решить проблему без процедуры вводавывода ПК из домена
1. Протестировать соединение ПК с доменом можно с помощью команды
2. При появлении такой ошибки можно выполнить несколько вариантов действий:
I вариант:
где dc1 — контролер домена, Administrator — административная учетная запись в домене. Дополнительно можно указать параметр /SecurePasswordPrompt, который указывает выводить запрос пароля в специальной
форме.
Еще с помощью Netdom можно проверить наличие безопасного соединения с доменом:
Или сбросить учетную запись компьютера:
где WKS1 — рабочая станция, которой сбрасываем учетку.
Самый быстрый и доступный способ, ведь утилита Nltest по умолчанию есть на любой рабочей станции или сервере. Однако, в отличие от Netdom, в которой предусмотрен ввод учетных данных, Nltest работает в контексте запустившего ее пользователя. Соответственно, зайдя на компьютер под локальной учетной записью и попытавшись выполнить команду можем получить ошибку доступа.
III вариант:
PowerShell тоже умеет сбрасывать пароль компьютера и восстанавливать безопасное соединение с доменом. Для этого существует командлет
Запущенный без параметров он выдаст состояние защищенного канала — True или False .
Для сброса учетной записи компьютера и защищенного канала можно использовать такую команду:
где dc1 — контролер домена (указывать не обязательно).
Для сброса пароля также можно также воспользоваться такой командой:
Способ быстрый и удобный, не требующий перезагрузки. Но и здесь есть свои особенности. Ключ -Credential впервые появился в PowerShell 3.0. Без этого параметра командлет, запущенный из под локального пользователя, выдает ошибку доступа. Получается что данный метод можно использовать только на Windows 8 и Server 2012, ведь для остальных ОС PowerShell 3.0 пока недоступен.
Как видите, способов восстановления доверительных отношений более чем достаточно. Однако если проблема приобретает постоянный характер, то проще подойти к ее решению с другой стороны.
После успешного завершения выбранных действий, результат выполнения nltest:
Источник
System Error Codes (1700-3999)
This information is intended for developers debugging system errors. For other errors, such as issues with Windows Update, there is a list of resources on the Error codes page.
The following list describes system error codes for errors 1700 to 3999. They are returned by the GetLastError function when many functions fail. To retrieve the description text for the error in your application, use the FormatMessage function with the FORMAT_MESSAGE_FROM_SYSTEM flag.
RPC_S_INVALID_STRING_BINDING
The string binding is invalid.
RPC_S_WRONG_KIND_OF_BINDING
The binding handle is not the correct type.
RPC_S_INVALID_BINDING
The binding handle is invalid.
RPC_S_PROTSEQ_NOT_SUPPORTED
The RPC protocol sequence is not supported.
RPC_S_INVALID_RPC_PROTSEQ
The RPC protocol sequence is invalid.
RPC_S_INVALID_STRING_UUID
The string universal unique identifier (UUID) is invalid.
RPC_S_INVALID_ENDPOINT_FORMAT
The endpoint format is invalid.
RPC_S_INVALID_NET_ADDR
The network address is invalid.
RPC_S_NO_ENDPOINT_FOUND
No endpoint was found.
RPC_S_INVALID_TIMEOUT
The timeout value is invalid.
RPC_S_OBJECT_NOT_FOUND
The object universal unique identifier (UUID) was not found.
RPC_S_ALREADY_REGISTERED
The object universal unique identifier (UUID) has already been registered.
RPC_S_TYPE_ALREADY_REGISTERED
The type universal unique identifier (UUID) has already been registered.
RPC_S_ALREADY_LISTENING
The RPC server is already listening.
RPC_S_NO_PROTSEQS_REGISTERED
No protocol sequences have been registered.
RPC_S_NOT_LISTENING
The RPC server is not listening.
RPC_S_UNKNOWN_MGR_TYPE
The manager type is unknown.
RPC_S_UNKNOWN_IF
The interface is unknown.
RPC_S_NO_BINDINGS
There are no bindings.
RPC_S_NO_PROTSEQS
There are no protocol sequences.
RPC_S_CANT_CREATE_ENDPOINT
The endpoint cannot be created.
RPC_S_OUT_OF_RESOURCES
Not enough resources are available to complete this operation.
RPC_S_SERVER_UNAVAILABLE
The RPC server is unavailable.
RPC_S_SERVER_TOO_BUSY
The RPC server is too busy to complete this operation.
RPC_S_INVALID_NETWORK_OPTIONS
The network options are invalid.
RPC_S_NO_CALL_ACTIVE
There are no remote procedure calls active on this thread.
RPC_S_CALL_FAILED
The remote procedure call failed.
RPC_S_CALL_FAILED_DNE
The remote procedure call failed and did not execute.
RPC_S_PROTOCOL_ERROR
A remote procedure call (RPC) protocol error occurred.
RPC_S_PROXY_ACCESS_DENIED
Access to the HTTP proxy is denied.
RPC_S_UNSUPPORTED_TRANS_SYN
The transfer syntax is not supported by the RPC server.
RPC_S_UNSUPPORTED_TYPE
The universal unique identifier (UUID) type is not supported.
RPC_S_INVALID_TAG
The tag is invalid.
RPC_S_INVALID_BOUND
The array bounds are invalid.
RPC_S_NO_ENTRY_NAME
The binding does not contain an entry name.
RPC_S_INVALID_NAME_SYNTAX
The name syntax is invalid.
RPC_S_UNSUPPORTED_NAME_SYNTAX
The name syntax is not supported.
RPC_S_UUID_NO_ADDRESS
No network address is available to use to construct a universal unique identifier (UUID).
RPC_S_DUPLICATE_ENDPOINT
The endpoint is a duplicate.
RPC_S_UNKNOWN_AUTHN_TYPE
The authentication type is unknown.
RPC_S_MAX_CALLS_TOO_SMALL
The maximum number of calls is too small.
RPC_S_STRING_TOO_LONG
The string is too long.
RPC_S_PROTSEQ_NOT_FOUND
The RPC protocol sequence was not found.
RPC_S_PROCNUM_OUT_OF_RANGE
The procedure number is out of range.
RPC_S_BINDING_HAS_NO_AUTH
The binding does not contain any authentication information.
RPC_S_UNKNOWN_AUTHN_SERVICE
The authentication service is unknown.
RPC_S_UNKNOWN_AUTHN_LEVEL
The authentication level is unknown.
RPC_S_INVALID_AUTH_IDENTITY
The security context is invalid.
RPC_S_UNKNOWN_AUTHZ_SERVICE
The authorization service is unknown.
EPT_S_INVALID_ENTRY
The entry is invalid.
EPT_S_CANT_PERFORM_OP
The server endpoint cannot perform the operation.
EPT_S_NOT_REGISTERED
There are no more endpoints available from the endpoint mapper.
RPC_S_NOTHING_TO_EXPORT
No interfaces have been exported.
RPC_S_INCOMPLETE_NAME
The entry name is incomplete.
RPC_S_INVALID_VERS_OPTION
The version option is invalid.
RPC_S_NO_MORE_MEMBERS
There are no more members.
RPC_S_NOT_ALL_OBJS_UNEXPORTED
There is nothing to unexport.
RPC_S_INTERFACE_NOT_FOUND
The interface was not found.
RPC_S_ENTRY_ALREADY_EXISTS
The entry already exists.
RPC_S_ENTRY_NOT_FOUND
The entry is not found.
RPC_S_NAME_SERVICE_UNAVAILABLE
The name service is unavailable.
RPC_S_INVALID_NAF_ID
The network address family is invalid.
RPC_S_CANNOT_SUPPORT
The requested operation is not supported.
RPC_S_NO_CONTEXT_AVAILABLE
No security context is available to allow impersonation.
RPC_S_INTERNAL_ERROR
An internal error occurred in a remote procedure call (RPC).
RPC_S_ZERO_DIVIDE
The RPC server attempted an integer division by zero.
RPC_S_ADDRESS_ERROR
An addressing error occurred in the RPC server.
RPC_S_FP_DIV_ZERO
A floating-point operation at the RPC server caused a division by zero.
RPC_S_FP_UNDERFLOW
A floating-point underflow occurred at the RPC server.
RPC_S_FP_OVERFLOW
A floating-point overflow occurred at the RPC server.
RPC_X_NO_MORE_ENTRIES
The list of RPC servers available for the binding of auto handles has been exhausted.
RPC_X_SS_CHAR_TRANS_OPEN_FAIL
Unable to open the character translation table file.
RPC_X_SS_CHAR_TRANS_SHORT_FILE
The file containing the character translation table has fewer than 512 bytes.
RPC_X_SS_IN_NULL_CONTEXT
A null context handle was passed from the client to the host during a remote procedure call.
RPC_X_SS_CONTEXT_DAMAGED
The context handle changed during a remote procedure call.
RPC_X_SS_HANDLES_MISMATCH
The binding handles passed to a remote procedure call do not match.
RPC_X_SS_CANNOT_GET_CALL_HANDLE
The stub is unable to get the remote procedure call handle.
RPC_X_NULL_REF_POINTER
A null reference pointer was passed to the stub.
RPC_X_ENUM_VALUE_OUT_OF_RANGE
The enumeration value is out of range.
RPC_X_BYTE_COUNT_TOO_SMALL
The byte count is too small.
RPC_X_BAD_STUB_DATA
The stub received bad data.
ERROR_INVALID_USER_BUFFER
The supplied user buffer is not valid for the requested operation.
ERROR_UNRECOGNIZED_MEDIA
The disk media is not recognized. It may not be formatted.
ERROR_NO_TRUST_LSA_SECRET
The workstation does not have a trust secret.
ERROR_NO_TRUST_SAM_ACCOUNT
The security database on the server does not have a computer account for this workstation trust relationship.
ERROR_TRUSTED_DOMAIN_FAILURE
The trust relationship between the primary domain and the trusted domain failed.
ERROR_TRUSTED_RELATIONSHIP_FAILURE
The trust relationship between this workstation and the primary domain failed.
ERROR_TRUST_FAILURE
The network logon failed.
RPC_S_CALL_IN_PROGRESS
A remote procedure call is already in progress for this thread.
ERROR_NETLOGON_NOT_STARTED
An attempt was made to logon, but the network logon service was not started.
ERROR_ACCOUNT_EXPIRED
The user’s account has expired.
ERROR_REDIRECTOR_HAS_OPEN_HANDLES
The redirector is in use and cannot be unloaded.
ERROR_PRINTER_DRIVER_ALREADY_INSTALLED
The specified printer driver is already installed.
ERROR_UNKNOWN_PORT
The specified port is unknown.
ERROR_UNKNOWN_PRINTER_DRIVER
The printer driver is unknown.
ERROR_UNKNOWN_PRINTPROCESSOR
The print processor is unknown.
ERROR_INVALID_SEPARATOR_FILE
The specified separator file is invalid.
ERROR_INVALID_PRIORITY
The specified priority is invalid.
ERROR_INVALID_PRINTER_NAME
The printer name is invalid.
ERROR_PRINTER_ALREADY_EXISTS
The printer already exists.
ERROR_INVALID_PRINTER_COMMAND
The printer command is invalid.
ERROR_INVALID_DATATYPE
The specified datatype is invalid.
ERROR_INVALID_ENVIRONMENT
The environment specified is invalid.
RPC_S_NO_MORE_BINDINGS
There are no more bindings.
ERROR_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT
The account used is an interdomain trust account. Use your global user account or local user account to access this server.
ERROR_NOLOGON_WORKSTATION_TRUST_ACCOUNT
The account used is a computer account. Use your global user account or local user account to access this server.
ERROR_NOLOGON_SERVER_TRUST_ACCOUNT
The account used is a server trust account. Use your global user account or local user account to access this server.
ERROR_DOMAIN_TRUST_INCONSISTENT
The name or security ID (SID) of the domain specified is inconsistent with the trust information for that domain.
ERROR_SERVER_HAS_OPEN_HANDLES
The server is in use and cannot be unloaded.
ERROR_RESOURCE_DATA_NOT_FOUND
The specified image file did not contain a resource section.
ERROR_RESOURCE_TYPE_NOT_FOUND
The specified resource type cannot be found in the image file.
ERROR_RESOURCE_NAME_NOT_FOUND
The specified resource name cannot be found in the image file.
ERROR_RESOURCE_LANG_NOT_FOUND
The specified resource language ID cannot be found in the image file.
ERROR_NOT_ENOUGH_QUOTA
Not enough quota is available to process this command.
RPC_S_NO_INTERFACES
No interfaces have been registered.
RPC_S_CALL_CANCELLED
The remote procedure call was cancelled.
RPC_S_BINDING_INCOMPLETE
The binding handle does not contain all required information.
RPC_S_COMM_FAILURE
A communications failure occurred during a remote procedure call.
RPC_S_UNSUPPORTED_AUTHN_LEVEL
The requested authentication level is not supported.
RPC_S_NO_PRINC_NAME
No principal name registered.
RPC_S_NOT_RPC_ERROR
The error specified is not a valid Windows RPC error code.
RPC_S_UUID_LOCAL_ONLY
A UUID that is valid only on this computer has been allocated.
RPC_S_SEC_PKG_ERROR
A security package specific error occurred.
RPC_S_NOT_CANCELLED
Thread is not canceled.
RPC_X_INVALID_ES_ACTION
Invalid operation on the encoding/decoding handle.
RPC_X_WRONG_ES_VERSION
Incompatible version of the serializing package.
RPC_X_WRONG_STUB_VERSION
Incompatible version of the RPC stub.
RPC_X_INVALID_PIPE_OBJECT
The RPC pipe object is invalid or corrupted.
RPC_X_WRONG_PIPE_ORDER
An invalid operation was attempted on an RPC pipe object.
RPC_X_WRONG_PIPE_VERSION
Unsupported RPC pipe version.
RPC_S_COOKIE_AUTH_FAILED
HTTP proxy server rejected the connection because the cookie authentication failed.
RPC_S_GROUP_MEMBER_NOT_FOUND
The group member was not found.
EPT_S_CANT_CREATE
The endpoint mapper database entry could not be created.
RPC_S_INVALID_OBJECT
The object universal unique identifier (UUID) is the nil UUID.
ERROR_INVALID_TIME
The specified time is invalid.
ERROR_INVALID_FORM_NAME
The specified form name is invalid.
ERROR_INVALID_FORM_SIZE
The specified form size is invalid.
ERROR_ALREADY_WAITING
The specified printer handle is already being waited on.
ERROR_PRINTER_DELETED
The specified printer has been deleted.
ERROR_INVALID_PRINTER_STATE
The state of the printer is invalid.
ERROR_PASSWORD_MUST_CHANGE
The user’s password must be changed before signing in.
ERROR_DOMAIN_CONTROLLER_NOT_FOUND
Could not find the domain controller for this domain.
ERROR_ACCOUNT_LOCKED_OUT
The referenced account is currently locked out and may not be logged on to.
OR_INVALID_OXID
The object exporter specified was not found.
OR_INVALID_OID
The object specified was not found.
OR_INVALID_SET
The object resolver set specified was not found.
RPC_S_SEND_INCOMPLETE
Some data remains to be sent in the request buffer.
RPC_S_INVALID_ASYNC_HANDLE
Invalid asynchronous remote procedure call handle.
RPC_S_INVALID_ASYNC_CALL
Invalid asynchronous RPC call handle for this operation.
RPC_X_PIPE_CLOSED
The RPC pipe object has already been closed.
RPC_X_PIPE_DISCIPLINE_ERROR
The RPC call completed before all pipes were processed.
RPC_X_PIPE_EMPTY
No more data is available from the RPC pipe.
ERROR_NO_SITENAME
No site name is available for this machine.
ERROR_CANT_ACCESS_FILE
The file cannot be accessed by the system.
ERROR_CANT_RESOLVE_FILENAME
The name of the file cannot be resolved by the system.
RPC_S_ENTRY_TYPE_MISMATCH
The entry is not of the expected type.
RPC_S_NOT_ALL_OBJS_EXPORTED
Not all object UUIDs could be exported to the specified entry.
RPC_S_INTERFACE_NOT_EXPORTED
Interface could not be exported to the specified entry.
RPC_S_PROFILE_NOT_ADDED
The specified profile entry could not be added.
RPC_S_PRF_ELT_NOT_ADDED
The specified profile element could not be added.
RPC_S_PRF_ELT_NOT_REMOVED
The specified profile element could not be removed.
RPC_S_GRP_ELT_NOT_ADDED
The group element could not be added.
RPC_S_GRP_ELT_NOT_REMOVED
The group element could not be removed.
ERROR_KM_DRIVER_BLOCKED
The printer driver is not compatible with a policy enabled on your computer that blocks NT 4.0 drivers.
ERROR_CONTEXT_EXPIRED
The context has expired and can no longer be used.
ERROR_PER_USER_TRUST_QUOTA_EXCEEDED
The current user’s delegated trust creation quota has been exceeded.
ERROR_ALL_USER_TRUST_QUOTA_EXCEEDED
The total delegated trust creation quota has been exceeded.
ERROR_USER_DELETE_TRUST_QUOTA_EXCEEDED
The current user’s delegated trust deletion quota has been exceeded.
ERROR_AUTHENTICATION_FIREWALL_FAILED
The computer you are signing into is protected by an authentication firewall. The specified account is not allowed to authenticate to the computer.
ERROR_REMOTE_PRINT_CONNECTIONS_BLOCKED
Remote connections to the Print Spooler are blocked by a policy set on your machine.
ERROR_NTLM_BLOCKED
Authentication failed because NTLM authentication has been disabled.
ERROR_PASSWORD_CHANGE_REQUIRED
Logon Failure: EAS policy requires that the user change their password before this operation can be performed.
ERROR_INVALID_PIXEL_FORMAT
The pixel format is invalid.
ERROR_BAD_DRIVER
The specified driver is invalid.
ERROR_INVALID_WINDOW_STYLE
The window style or class attribute is invalid for this operation.
ERROR_METAFILE_NOT_SUPPORTED
The requested metafile operation is not supported.
ERROR_TRANSFORM_NOT_SUPPORTED
The requested transformation operation is not supported.
ERROR_CLIPPING_NOT_SUPPORTED
The requested clipping operation is not supported.
ERROR_INVALID_CMM
The specified color management module is invalid.
ERROR_INVALID_PROFILE
The specified color profile is invalid.
ERROR_TAG_NOT_FOUND
The specified tag was not found.
ERROR_TAG_NOT_PRESENT
A required tag is not present.
ERROR_DUPLICATE_TAG
The specified tag is already present.
ERROR_PROFILE_NOT_ASSOCIATED_WITH_DEVICE
The specified color profile is not associated with the specified device.
ERROR_PROFILE_NOT_FOUND
The specified color profile was not found.
ERROR_INVALID_COLORSPACE
The specified color space is invalid.
ERROR_ICM_NOT_ENABLED
Image Color Management is not enabled.
ERROR_DELETING_ICM_XFORM
There was an error while deleting the color transform.
ERROR_INVALID_TRANSFORM
The specified color transform is invalid.
ERROR_COLORSPACE_MISMATCH
The specified transform does not match the bitmap’s color space.
ERROR_INVALID_COLORINDEX
The specified named color index is not present in the profile.
ERROR_PROFILE_DOES_NOT_MATCH_DEVICE
The specified profile is intended for a device of a different type than the specified device.
ERROR_CONNECTED_OTHER_PASSWORD
The network connection was made successfully, but the user had to be prompted for a password other than the one originally specified.
ERROR_CONNECTED_OTHER_PASSWORD_DEFAULT
The network connection was made successfully using default credentials.
ERROR_BAD_USERNAME
The specified username is invalid.
ERROR_NOT_CONNECTED
This network connection does not exist.
ERROR_OPEN_FILES
This network connection has files open or requests pending.
ERROR_ACTIVE_CONNECTIONS
Active connections still exist.
ERROR_DEVICE_IN_USE
The device is in use by an active process and cannot be disconnected.
ERROR_UNKNOWN_PRINT_MONITOR
The specified print monitor is unknown.
ERROR_PRINTER_DRIVER_IN_USE
The specified printer driver is currently in use.
ERROR_SPOOL_FILE_NOT_FOUND
The spool file was not found.
ERROR_SPL_NO_STARTDOC
A StartDocPrinter call was not issued.
ERROR_SPL_NO_ADDJOB
An AddJob call was not issued.
ERROR_PRINT_PROCESSOR_ALREADY_INSTALLED
The specified print processor has already been installed.
ERROR_PRINT_MONITOR_ALREADY_INSTALLED
The specified print monitor has already been installed.
ERROR_INVALID_PRINT_MONITOR
The specified print monitor does not have the required functions.
ERROR_PRINT_MONITOR_IN_USE
The specified print monitor is currently in use.
ERROR_PRINTER_HAS_JOBS_QUEUED
The requested operation is not allowed when there are jobs queued to the printer.
ERROR_SUCCESS_REBOOT_REQUIRED
The requested operation is successful. Changes will not be effective until the system is rebooted.
ERROR_SUCCESS_RESTART_REQUIRED
The requested operation is successful. Changes will not be effective until the service is restarted.
ERROR_PRINTER_NOT_FOUND
No printers were found.
ERROR_PRINTER_DRIVER_WARNED
The printer driver is known to be unreliable.
ERROR_PRINTER_DRIVER_BLOCKED
The printer driver is known to harm the system.
ERROR_PRINTER_DRIVER_PACKAGE_IN_USE
The specified printer driver package is currently in use.
ERROR_CORE_DRIVER_PACKAGE_NOT_FOUND
Unable to find a core driver package that is required by the printer driver package.
ERROR_FAIL_REBOOT_REQUIRED
The requested operation failed. A system reboot is required to roll back changes made.
ERROR_FAIL_REBOOT_INITIATED
The requested operation failed. A system reboot has been initiated to roll back changes made.
ERROR_PRINTER_DRIVER_DOWNLOAD_NEEDED
The specified printer driver was not found on the system and needs to be downloaded.
ERROR_PRINT_JOB_RESTART_REQUIRED
The requested print job has failed to print. A print system update requires the job to be resubmitted.
ERROR_INVALID_PRINTER_DRIVER_MANIFEST
The printer driver does not contain a valid manifest, or contains too many manifests.
ERROR_PRINTER_NOT_SHAREABLE
The specified printer cannot be shared.
ERROR_REQUEST_PAUSED
The operation was paused.
ERROR_IO_REISSUE_AS_CACHED
Reissue the given operation as a cached IO operation.
Источник
Спасибо Вам большое! Сначала при команде setspn -L vm-2k3-tst$
выдавала ошибку… Начал разбираться… и выяснил, что я же восстановил ПК, но не включил его учётную запись. Включил и
setspn -L vm-2k3-tst$ показала, что ПК зарегестрирован, и сброс пароля прошёл успешно:
C:Documents and SettingsAdmin>netdom resetpwd /server:DC /userd:contosoAdmin /passwordd:*
Type the password associated with the domain user:
The machine account password for the local machine has been successfully reset.
The command completed successfully.
И мне вот интересно, команду о сбросе я делал на контроллере домена… Я что, ему пароль сбросил(DC)? Везде написан синтаксис команды, но нет чёткой расшифровки…(((
Ну вот результат setspn -L vm-2k3-tst$:
C:UsersAdmin>setspn -L vm-2k3-tst$
Зарегистрирован ServicePrincipalNames для CN=VM-2K3-TST,CN=Computers,DC=contoso,DC=com
Результат команды netdiag — тот же.
Очередная попытка netdom resetpwd с проблемого ПК:
C:Documents and SettingsAdministrator>netdom resetpwd /server:DC /userd:contosoAdmin /passwordd:*
Type the password associated with the domain user:
The machine account password for the local machine could not be reset.
The network path was not found.
The command failed to complete successfully.
DC — контроллер домена. А если я хочу сбросить пароль у проблемного ПК с DC, то мне нужно вводить: netdom resetpwd /server:vm-2k3-tst /userd:contosoAdmin /passwordd:* ???
Кстати, перенёс vm-2k3-tst из тестовой среды, в производственную, вот результат:
C:Documents and SettingsAdministrator>netdom resetpwd /server:DC.contoso.com /userd:contosoAdmin /passwordd:*
Type the password associated with the domain user:
The machine account password for the local machine could not be reset.
The specified domain either does not exist or could not be contacted.
The command failed to complete successfully.
-
Помечено в качестве ответа
20 февраля 2012 г. 7:51
Task Scheduler tasks configured with an S4U logon to fail with the error, “ERROR_NO_SUCH_LOGON_SESSION/STATUS_NO_TRUST_SAM_ACCOUNT”.
Solution:
Install this Windows 10 update kb4284822 to solve this issue.
Get Hired Faster with Jobscan to optimize your resume!
List of issues fixed through this patch KB4284822
- Addresses an application performance degradation issue in operating system functions. This degradation locks and frees large blocks of memory (such as VirtualLock and Heapfree) after installing KB4056892 and superseding fixes.
- Addresses performance regression in App-V that slows many actions in Windows 10.
- Adds a new MDM Policy, “DisallowCloudNotification”, for enterprises to turn off Windows Notification traffic.
- Changes the music metadata service provider used by Windows Media Player.
- Addresses an issue with the placement of text symbols in right-to-left languages.
- Addresses an issue with editing web password fields using a touch keyboard.
- Adds a Group Policy that provides the ability to hide recently added apps from the Start menu.
- Updates the Segoe UI Emoji font to use a water gun to represent a pistol emoji.
- Addresses a reliability issue with resuming from hibernation.
- Addresses an issue where SmartHeap doesn’t work with UCRT.
- Addresses an issue to ensure that Windows Defender Application Guard endpoints comply with regional policies.
- Increases the user account minimum password length in Group Policy from 14 to 20 characters.
- Addresses an issue that causes sporadic authentication issues when using Windows Authentication Manager.
- Addresses an issue where an Azure Active Directory account domain change prevents customers from logging on.
- Addresses an issue that displays unnecessary “Credential Required” and “Do you want to allow the app to access your private key?” messages. This issue occurs when running a Universal Windows Platform (UWP) application.
- Addresses an issue that causes the LSASS service to become unresponsive, and the system needs to be restarted to recover.
- Addresses an issue where client applications running in a container image don’t conform to the dynamic port range.
- Adds a new registry key that prevents access to the Internet using WWAN if a non-routable ethernet is connected. To use this new registry key, add IgnoreNonRoutableEthernet” (Dword) on HKEY_LOCAL_MACHINESoftwareMicrosoftWcmsvc using regedit, and set it to 1.
- Adds a new registry key that allows customers to control access to the Internet using WWAN without using the default connection manager. To use this new registry key, fMinimizeConnections” (Dword) on HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsWcmSvcLocal using regedit, and set it to 0.
- Addresses an issue that prevented ISO/DVD mounts and eject from working using VM settings and Powershell because of menu transition issues in VMConnect.
- Addresses an issue where restarting the Hyper-V host with Hyper-V Replica (HVR) enabled could cause replication to stop. It may also require a manual restart to resume the replication from a suspended state. The replication state should be normal after the Hyper-V host/VMMS is restarted.
- Addresses an issue that might cause the Mitigation Options Group Policy client-side extension to fail during GPO processing. The possible errors are “Windows failed to apply the MitigationOptions settings. MitigationOptions settings might have its own log file” or “ProcessGPOList: Extension MitigationOptions returned 0xea.” This issue occurs when Mitigation Options have been defined using Group Policy, the Windows Defender Security Center, or the PowerShell Set-ProcessMitigation cmdlet.
- Addresses an issue that causes a connection failure when a Remote Desktop connection doesn’t read the bypass list for a proxy that has multiple entries.
- Addresses an issue where Windows Defender Security Center and the Firewall Pillar app stop working when opened. This is caused by a race condition that occurs if third-party antivirus software has been installed.
- Addresses an issue that causes Task Scheduler tasks configured with an S4U logon to fail with the error, “ERROR_NO_SUCH_LOGON_SESSION/STATUS_NO_TRUST_SAM_ACCOUNT“.
- Addresses an issue in which Wi-Fi credentials must be entered each time a device restarts and tries to reconnect to Wi-Fi using Group Policy-distributed Preferred Network Profiles.
Addresses an issue that caused devices that installed KB4103727 (May 8, 2018 update) to become unresponsive at the device’s OEM logo before starting Windows. Before installing this update, a power cycle is required for the affected devices to recover.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Модераторы: vadim64, terminus
Правила форума
Убедительная просьба юзать теги [cоde] при оформлении листингов.
Сообщения не оформленные должным образом имеют все шансы быть незамеченными.
-
Witt
- мл. сержант
- Сообщения: 73
- Зарегистрирован: 2010-01-12 14:01:48
net join -U ошибка ввода в домен
Билет с помощью kinit получен, klist подтверждает:
Код: Выделить всё
# kinit witt
witt@DOMAIN.LOCAL's Password:
# klist
Credentials cache: FILE:/tmp/krb5cc_0
Principal: witt@DOMAIN.LOCAL
Issued Expires Principal
Oct 25 20:32:10 Oct 26 06:32:05 krbtgt/DOMAIN.LOCAL@DOMAIN.LOCAL
#Пробую ввести в домен:
Код: Выделить всё
# net join -U witt
Enter witt's password:
libnet_join_ok: failed to get schannel session key from server server.domain.local for domain DOMAIN. Error was NT_STATUS_NO_TRUST_SAM_ACCOUNT
Failed to join domain: failed to verify domain membership after joining: No trusted SAM account
ADS join did not work, falling back to RPC...
Enter witt's password:
Error in domain join verification (credential setup failed): NT_STATUS_NO_TRUST_SAM_ACCOUNT
Unable to join domain DOMAIN.
#Помогите разобраться.
-
Хостинг HostFood.ru
Услуги хостинговой компании Host-Food.ru
Хостинг HostFood.ru
Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/
-
GhOsT_MZ
- лейтенант
- Сообщения: 662
- Зарегистрирован: 2011-04-25 11:40:35
- Контактная информация:
Re: net join -U ошибка ввода в домен
Непрочитанное сообщение
GhOsT_MZ » 2012-10-25 19:40:00
А в AD есть пользователь witt и может ли он добавлять компы в AD?
-
Witt
- мл. сержант
- Сообщения: 73
- Зарегистрирован: 2010-01-12 14:01:48
Re: net join -U ошибка ввода в домен
Непрочитанное сообщение
Witt » 2012-10-25 19:44:08
Конечно. Это учётная запись вендового контроллера домена с правами администратора домена. Если бы не было, билетик бы Керберос не выдал.