Domain Secure Channel broken on Windows Server 2019

Chong 866 Reputation points
2024-12-18T09:47:06.4466667+00:00

Hi,

Recently, we found the domain secure channel on Windows Server 2019 broken in our AD. After restarting the server, the connection can be resumed, but it breaks again in a few hours.

We tried to reset the secure channel by using PowerShell (Test-ComputerSecureChannel -Repair), reset the computer account password, and also disjoined and rejoined the server to the domain. Both of these methods can resume the connection, but the connection will break again.

This problem only happened on Windows Server 2019; other OS versions like 2012 and 2016 don't have this issue.

Any idea?

Thanks


2 answers

  1. GREGORY KOUROSH 0 Reputation points
    2025-01-02T20:20:43.5366667+00:00

    Did you resolve this issue? We are seeing something very similar. We have 2019 and 2022 DCs. The 2022's are all fine. About half our 2019s are doing this.


  2. Geoff McKenzie 315 Reputation points
    2025-01-17T07:00:47.6666667+00:00

    Hi Chong and Greg,

    From a quick net helpmsg....


    net helpmsg 3210

    This computer could not authenticate with ***, a Windows domain controller
    for domain ***, and therefore this computer might deny logon requests.
    This inability to authenticate might be caused by another computer on the
    same network using the same name or the password for this computer account
    is not recognized. If this message appears again, contact your system
    administrator.


    Assuming you have correctly ruled out the items in the above text then I would suggest....

    Provide some more details of your environment.

    e.g. How many Domain Controllers do you have? What OS are they running? Have you verified replication is in sync between all DCs? Any unusual networking configuration (NAT/FW/etc.)? Have you checked all warning and error events (DNS/RPC/Kerberos/Security/LDAP/etc.)? Are your DCs or affected servers physical or VM? What virtualisation are you using? Anything which may be different or handled differently by the OS? Do you have any other 2019 servers which are NOT affected? Have you tried another 2019 server?

    Anything else which may be specific to your environment or the affected machine(s)

    Regards,

    Geoff
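
The details requested in the answer above can be collected in one pass on an affected server. This is an added example, not code from the thread; it assumes an elevated PowerShell session, a seven-day look-back window, and (for steps 4 and 5 only) the RSAT ActiveDirectory module and repadmin being installed.

```powershell
# Added example: gather secure-channel evidence on an affected member server.
$domain = (Get-CimInstance Win32_ComputerSystem).Domain
$since  = (Get-Date).AddDays(-7)   # assumed look-back window

# 1. Current secure-channel state and the DC this machine is bound to.
"Secure channel healthy: $(Test-ComputerSecureChannel)"
nltest "/sc_query:$domain"

# 2. NETLOGON event 3210 is logged with the text 'net helpmsg 3210' prints.
#    The timestamps show how long after each repair the channel fails again.
Get-WinEvent -FilterHashtable @{
    LogName = 'System'; ProviderName = 'NETLOGON'; Id = 3210; StartTime = $since
} -ErrorAction SilentlyContinue |
    Sort-Object TimeCreated |
    Select-Object TimeCreated, Id, Message |
    Format-List

# 3. Physical or VM, hypervisor vendor, and exact OS build.
Get-CimInstance Win32_ComputerSystem |
    Select-Object Name, Manufacturer, Model
Get-CimInstance Win32_OperatingSystem |
    Select-Object Caption, Version, BuildNumber, LastBootUpTime

# 4. Ask every DC when it thinks this computer's password was last set.
#    Different values mean the password change has not replicated everywhere,
#    which matches the "password ... is not recognized" cause in the message.
if (Get-Module -ListAvailable ActiveDirectory) {
    Import-Module ActiveDirectory
    foreach ($dc in Get-ADDomainController -Filter *) {
        $c = Get-ADComputer -Identity $env:COMPUTERNAME -Server $dc.HostName `
                 -Properties PasswordLastSet -ErrorAction SilentlyContinue
        [pscustomobject]@{
            DC              = $dc.HostName
            DcOS            = $dc.OperatingSystem
            PasswordLastSet = $c.PasswordLastSet
        }
    }
}

# 5. Replication health across all DCs.
if (Get-Command repadmin.exe -ErrorAction SilentlyContinue) {
    repadmin /replsummary
}
```

Running it once right after a repair and again after the next failure gives two snapshots to compare, including which DC held the channel each time.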

