Fix Windows error that cannot connect to domain

TipsMake.com - Some time after your computer is logged in as a member of the Active Directory domain or more simply, some member of the domain uses a virtual software, you will encounter the following error

Windows cannot connect to the domain, either due to a faulty Domain controller, or because your computer account doesn't see it. Try again. If this message still appears, contact the system administrator to resolve it.

No matter how hard you try, you still can't log in with your account on the system. The only way to log in is to use a user account on the machine.

Note :

- In most cases, unless this happens because of an administrator error, you can log in with a domain user account when you disconnect. It only happens when this account you have used on this computer before and has not been disabled by the administrator.

- If you use a copy software or have just copied a computer that is a member of the domain, you should pay attention to the following two things:

1. Never copy a computer from a domain member.

2. Never copy a computer's operating system that is supposed to work with the Active Directory domain or any type of network without using SYSPREP.

After logging in, you will see in the Event Viewer the following errors:

NETLOGON 3210

This computer cannot authenticate WIN2003-SRV1.petrilabs.local , a Windows domain controller for the PETRILABS domain. Therefore, the new computer refuses to log in to the domain, this non-authentication error is caused by having another computer on the domain using the same name and password so your computer cannot be identified. If this message still appears, contact the system administrator.

LSASRV 40961

The security system cannot establish a secure connection with the server's cifs / WIN2003-SRV1.petrilabs.local , there is no connection protocol at all.

W32Time 18

NtpClient (time management program) cannot establish a connection between your computer and the petrilabs.local domain to ensure virtual synchronization time. This program will retry within 15 minutes.

Along with some other errors may occur. So, why are these errors?

An error occurs because the computer's password does not match. Domain members think their machine password is X, while the Domain Controller confirms it as Y, so the computer cannot verify the Domain Controller causing an error to occur.

Basically, there are 2 ways to fix this error:

Method 1: use the GUI

This method is the easiest to implement.

Note : The following images were taken from Windows XP Pro machine, but other operating systems can still apply this method.

1. Right-click My Computer , select Properties

2. Click the Change button in the Computer Name tab. Then, change the Member of choice in the Active Directory domain to Workgroup

3. Enter the workgroup name, then click OK

4. Immediately after that, you will have to fill in the confirmation from the administrator

5. Next is a confirmation message.

6. Restart the computer.

After restarting, log in and join the domain.

Method 2: use the command

You can use the netdom.exe tool.

Note : In Windows Server 2008 or Windows 7, netdom is available on the system, no need to download more.

Open the command prompt , type netdom.exe remove winxp cl1 /Domain:petrilabs.local / userd: petrilabsadministrator / passwordd: ***************

At this point, the computer account will display a red X in the Active Directory Users and Computers tab.

Using netdom.exe will not have to restart

Then type: netdom.exe join winxp-cl1 /Domain:petrilabs.local / userd: petrilabsadministrator / passwordd: ***************

Restart the device.

Now you can use the computer as usual.