Windows DatabaseebooksStatistical Information

LWE10097 : After restoring a pc from an image, also called cloning, it cannot logon to the domain anymore.

Symptom:

You want to be able to restore an image without having to join the domain again

Cause:

This happens with all kind of imaging software (e.g. ghost) and is a normal behaviour

Solution:

A workstation belonging to a domain, does change the computer account password of the local computer every 30 days by default. When your image is older and is restored, you will not be able to logon to the domain. You can change this behaviour by changing the registry.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

REG_DWORD: maximumpasswordage

The value can be entered in days. The default is 30 and can be from 1 till 1000000.

You can fully disable this changing of the computer account password with the DisablePasswordChange entry and setting it to 1. (setting it to 0 activated it) This entry does not exist by default and has to be added if wanted. Please note that the changing of the password is a security feature.

With the entry RefusePasswordChange on all your domain controllers, you can deactivate this feature for the entire domain.

Disclaimer:

The information provided in this document is intended for your information only. Lubby makes no claims to the validity of this information. Use of this information is at own risk!
Copyright © 2004-2011 Lubby (V3.0.10 Aug 2011)
Sponsored by Keskon.
Statistical information by Google Analytics