Senin, 23 Januari 2017

Login Error "The Security Database on the Server Does Not Have a Computer Account for This Workstation Trust Relationship"




Last 3 month we have problem on several user which can't change password when user password is expired.

We get error message "The Security Database on the Server Does Not Have a Computer Account for This Workstation Trust Relationship" when we try to change the password.

Consider the following scenario:
    - You have a domain controller that runs Windows Server 2008 R2.
    - You perform an authoritative restore action on the KRBTGT account.
    - You log on to a Windows 8.1 client, a Windows 8 client with the Kerberos.dll file from update 2883201 or a later update, or a Windows 7 client with update 2845626 or a later update.
    - You try to reset or change the domain password.

In this scenario, the password cannot be reset or changed. Additionally, you receive the following error message:
"The security Database on the server does not have a computer account for this workstation trust relationship"

This issue occurs because the Windows Server 2008 R2 domain controller handles a specific flag incorrectly.
The flag is introduced on the client-side to resolve an issue in which the kerberos.dll file is not updating a user's credential cache if the user logs in by using their user principal name (UPN).

To solve this issue try to install Security Update KB2910686 on your Domain Controller and restart the server.


Note :

- If you have several Domain controller, make sure all your domain controller installed the Security Update.



~~Thanks~~



0 komentar:

Posting Komentar