LKBEN10660: After restoring a pc from an image, also called cloning, it cannot logon to the domain anymore.
Symptom
You want to be able to restore an image without having to join the domain again
Cause
This happens with all kind of imaging software (e.g. ghost) and is a normal behaviour
Solution
A workstation belonging to a domain, does change the computer account password of the local computer every 30 days by default. When your image is older and is restored, you will not be able to logon to the domain. You can change this behaviour by changing the registry.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
REG_DWORD: maximumpasswordage
The value can be entered in days. The default is 30 and can be from 1 till 1000000.
You can fully disable this changing of the computer account password with the DisablePasswordChange entry and setting it to 1. (setting it to 0 activated it) This entry does not exist by default and has to be added if wanted. Please note that the changing of the password is a security feature.
With the entry RefusePasswordChange on all your domain controllers, you can deactivate this feature for the entire domain.
Disclaimer:
The information provided in this document is intended for your information only. Lubby makes no claims to the validity of this information. Use of this information is at own risk!About the Author
Author: - Keskon GmbH & Co. KG
Wim Peeters is electronics engineer with an additional master in IT and over 30 years of experience, including time spent in support, development, consulting, training and database administration. Wim has worked with SQL Server since version 6.5. He has developed in C/C++, Java and C# on Windows and Linux. He writes knowledge base articles to solve IT problems and publishes them on the Lubby Knowledge Platform.