I have found something that I am not sure if it is a MS bug or something else.
About a week ago we noticed that some Windows 2016 machines started getting out of sync with the machine account password. We have to shut the machines down, reset the machine account password from the PVS console, then boot them back up and they are fine. Looking at the event log on the machines we see the following message.
Event ID 1017
Source BNDevice
Data Updating machine account password - Client Service
Then immediately getting
Event ID 1015
Source BNDevice
Data Unable to negotiate new machine password - Error code: 0x2
These repeat every hour until we fix the machines.
Has anyone else seen this? I am not sure if it is an AD Hardening issue, a MS Certificate change issue, or something else.
We have the necessary Manage machine acount passwords set in PVS for 1 week, and have the Domain Member Disable machine account password item set in GPO.
This has been running in place for years, just started cropping up about a week ago.
Server 2019 and 2022, and Window 10 do not seem to be affected. Just Server 2016.
Question
Jeff Riechers
I have found something that I am not sure if it is a MS bug or something else.
About a week ago we noticed that some Windows 2016 machines started getting out of sync with the machine account password. We have to shut the machines down, reset the machine account password from the PVS console, then boot them back up and they are fine. Looking at the event log on the machines we see the following message.
Event ID 1017
Source BNDevice
Data Updating machine account password - Client Service
Then immediately getting
Event ID 1015
Source BNDevice
Data Unable to negotiate new machine password - Error code: 0x2
These repeat every hour until we fix the machines.
Has anyone else seen this? I am not sure if it is an AD Hardening issue, a MS Certificate change issue, or something else.
We have the necessary Manage machine acount passwords set in PVS for 1 week, and have the Domain Member Disable machine account password item set in GPO.
This has been running in place for years, just started cropping up about a week ago.
Server 2019 and 2022, and Window 10 do not seem to be affected. Just Server 2016.
Link to comment
4 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now