The secure channel between members of a domain and the domain controller can sometimes be broken. Recently, we have experienced with this where one of our Windows file server loses its secure channel to the DC. We ran several tests on it, e.g. netdiag, nltest. And all of them are pointing to the “Secure channel to domain “xyz” is broken error. We are also seeing event id like 5719 and 1053 in our event logs. Searching all over the web for solutions, we have finally found one that is helpful.
Event ID 1035:
Windows cannot determine the user or computer name. (Not enough storage is available to complete this operation. ). Group Policy processing aborted.
Event ID 5719:
This computer was not able to set up a secure session with a domain controller in domain XYZ due to the following:
Not enough storage is available to process this command.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
Event ID 537:
Logon Failure: Reason: An error occurred during logon
Below are the steps in fixing our broken secure channel issue.
How to reset a computer secure channel?
1. Start the ADUC snap-in
2. Find the computer object that is having the secure channel issue.
3. Right click and select “Reset Account”
4. Click “Yes” and “Ok”
5. Now rejoin the computer (the one that is having issue) into the domain
Related Tech posts:
- Logging off twice for Group Policy Updates
- Read Only Domain Controller
- How to delete a Domain Controller in a Windows 2008 Active Directory?
- Event ID 1053, 5719, 8032
- Domain Controller Requirements
- To see who is connected to my Domain Controller
- How to use LDP to remove a Domain Controller?
- How to remove a dead Domain Controller from Active Directory?
- Virtualization of Domain Controller
- Error code 0x80072F8F
