I have a Windows Server 2003 member server that is running IIS 6 in our test environment. It is a VM and was reverted to a snapshot about 4 days old. After doing this, attempts to log into the domain fail with system event ID 3210:
This computer could not authenticate with %dcin.mydomain.com, a Windows DC for domain %MY_DOMAIN, and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator.
All network and DNS issues have been ruled out.
After doing some research I have a hunch that the issue is the computer account password that by default changes every 30 days is out of sync. Issuing the "reset account" command from ADUC did not help the issue.
Attempts to reset the account also failed when using:
NetDom reset svrname /d:mydomain.com /uo:[email protected] /po:*
with a result of the Logon Failure: The target account name is incorrect.
If this were any other server that wasn't running IIS.... I would just remove it from the domain and rejoin it and move on with my life. But I don't know what effects doing that would have on IIS.
After I get through this I'm going got set HKLM/system/currentcontrolset/services/netlogon/paramerters/DisablePasswordChange to "1" But until then I'm not sure if the "NetDom reset" command is even the correct thing to do short of readding the server to the domain.
Thoughts?
You have a snapshot of the machine already. If unjoining and rejoining it to the domain borks IIS somehow (I doubt it will), you can still revert it. You also said that this was a test environment, which is kind of made to be blown up (in some sense of the word). I'd just unjoin and rejoin it.
It may not be kidding, as the cached Kerberos info from the old instance may be interfering with your ability to "activate" the reverted snapshot.
Did you shut down the VM before reverting ? Did it crash ?
The computer definitely has a problem now because resetting a computer account in AD Users and Computers breaks that computer's connection to the domain and requires it to rejoin the domain.