Domain Login Fails If Snapshot Is Reverted
![Prevent Domain Trust Relationship Failed With Snapshots In A Lab](https://petri.com/wp-content/uploads/sites/3/secure-channel-error-41.png)
Let me explain by default every 30 days active directory server will change the machine key for each its domain members so when you restore the snapshot which is older than 30 days trust relation between workstation and domains fails.
Domain login fails if snapshot is reverted. After doing this attempts to log into the domain fail with system event id 3210. But now i am not able to login to the machine even the administrator account doesn t seem to work. Today i reverted back to my baseline snapshot and suddenly could not log in to the server using remote desktop.
This is caused because the machine creates an account on the domain. Power on and use the vm a day or several days revert to the snapshot. Why i am insisting the number 30 here.
When a user attempts to logon using ad credentials the authentication fails and the following events are recorded in var log messages. So i reverted the dc to the last created snapshot. It is a vm and was reverted to a snapshot about 4 days old.
It also happened back when we were re imaging to revert our drives. If the virtual computer was reverted to previous snapshot between machine password changes in ad the ad controllers will not let the computer authenticate again due to machine password mismatch. The topology information in the active directory for this replica has not yet replicated to all the domain controllers.
I had taken a vmware snapshot of our dc few weeks back and today i had accidentally deleted few users and groups. Frs is not running on domain com. The trust relationship between this workstation and the primary domain failed this happens whether you are using vmware or virtualbox.
Repeat steps 4 and 5 for several weeks. According to the vm information it was connected to the domain since the time the snapshot was made. I thought that because i just reverted a snapshot for this vm that this might be the problem.