We've seen it that Win 7 machines lose their trust relationship in cases where perhaps a machine was powered down incorrectly, and when it reboots, a system restore is done from the last recovery point. Once the machine comes back, it won't work on the domain anymore because the AD server(s) have a newer computer-password than the one from the system restore itself. Machine has to be unjoined and rejoined at that point to get it working.
Jesse Rink Source One Technology, Inc. HP Partner 262 993 2231 ________________________________ From: [email protected] <[email protected]> on behalf of Dean Cunningham <[email protected]> Sent: Sunday, October 5, 2014 9:12 PM To: ntsysadm Subject: Re: [NTSysADM] Win 7 workstations losing trust Got any 2003DCs *and* 2012 R2 DCs in the AD environment? Getting Event ID: 4 The Kerberos client received a KRB_AP_ERR_MODIFIED <http://britv8.com/event-id-4-the-kerberos-client-received-a-krb_ap_err_modified-windows-2003-and-windows-2012-r2-dc-environment/> http://britv8.com/event-id-4-the-kerberos-client-received-a-krb_ap_err_modified-windows-2003-and-windows-2012-r2-dc-environment/ hotfix available On Thu, Oct 2, 2014 at 10:55 PM, David McSpadden <[email protected]<mailto:[email protected]>> wrote: Why does this happen? I get them rejoined but why do they lose their trust relationship in the first place? Sent from my iPhone This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
