I have one computer on my domain that has suddenly stopped receiving software updates via group policy. Domain logins still work, and group policy on the machine is still being updated, so it knows that there are new packages to install and where to look for them, but every time it tries to install a package, it throws a 1622 error (location not found).
Logged in users can reach the same network shares, and every other computer on network is installing the packages. Further investigation found that other services running as "System" on the problematic computer are also unable to authenticate to network shares.
How do I diagnose/fix this computer's account in Active Directory? The computer account exists, and is a member of "Domain Computers" - or is there something else I should be looking at?
The question is: How does one fix a broken machine account in AD without reimaging?
You could try an account reset but I haven't had much success with it.
Rather than spend hours trying to diagnose the issue the thing to try is to log in as a local administrator, disjoin from the domain, reboot, and rejoin the domain. This should not only fix the account but should correct any broken associations to the domain as well as it would force a group policy refresh.
If that doesn't do it then I'd suggest posting the actual event log entry for the 1622 so we're able to see what it's looking for and failing to find.