Huge problem with CTM and Domain

[Guest]

[stockduck]

Hi everybody.

We are using CTM to save our machines from unauthorized installations, while simultaneously the users have admin rights. CTM is protected by authentication and a system restore is selected at every restart.  All machines are bound at a domain and are Windows 7 x64 Prof Clients. CTM version 2.8.155286.178

About a month ago, we had a problem, that ALL machines weren´t able to connect to the domain, because of "The trust relationship between this workstation and the domain could not be established".

Ok, the (trusting) password which was generated between machine and domain will be generated each month. So- the problem was a mix between our configs and the CTM, because CTM is - of course- resetting the password on the machines too. We set, that the password will be NOT renewed on the domain controller and per GPO (via reg entry) on the machines. After that we kicked all machines from the domain and added them again.

Today- again a month, we have the problems again. Every computer (we disabled CTM on some machines) which wasn´t protected by CTM works fine. Every other has the same problems again.

Any ideas what I can do?

Thx


PS.: We were using Windows XP (x86) before, with the good old "Winrollback" from Avira- there weren´t any problem with.

[Flykite]

Hi stockduck:

This is not because of CTM, but because of the internal mechanism of Active Directory. You can get more details about it from MicroSoft:
http://support.microsoft.com/kb/154501/en-us/

And how to avoid this problem? In short, here is the entry for each of the workstations:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"DisablePasswordChange"=dword:00000001

[stockduck]

That was exactly what we have done.

[Tags:]