Secure channel broken

[Prits]

Hi ,

I just ran netdiag /fix on one of my W2K DC's and got the following error:

[FATAL] Secure channel to domain 'china' is broken. [ERROR_NO_LOGON_SERVERS]

Any ideas?

I had a few issues getting this on the domain initially when the IP changed
whilst still being a DC inside a site. I then ran dcpromo /forceremoval and
re-entered this dc in the domain.

Any help appreciated.

Prits

 

[michvar[MSFT]]

Hello,

When you see that the secure channel is broken the first thing to try is
resetting the secure channel with netdom. To reset the secure channel for a
domain controller in a Windows 2000 domain use the following steps:

a. Stop the Kerberos Key Distribution Center (KDC) service, and then set it
to Manual startup.

b. Run the "netdom resetpwd /server:<replication_partner_server_name>
/userd:<domain_name>\<admin_user> /passwordd:*" (without the quotation
marks) command.

c. Restart the computer, start the KDC, and then set it back to Automatic
startup.

Thanks,
Michael Vargo
Enterprise Platforms Support Networking Team
Windows NT, 2000 & 2003 MCSE