Wednesday, January 09, 2008

Netlogon event ID = 5720

Local security database is corrupted.
Found reference as:
"[HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\$MACHINE.ACC]
You might have to change permissions at the SECURITY level of the key."
Used regedt32 end go to the key, can not see anything under SECURITY hive, reseted permission on the key to give administrators full rights - still can not see keys under. Tried to create a key and all keys became visible. So deleted $MACINE.ACC key and was able to unjoin and rejoin the domain.

2 comments:

  1. you see notinhg under the "Secrets" key because you have to run regedit as LOCAL SYSTEM user.
    There are several tools that do that, but even if you browse the Secrets key you will see only encrypt content. for more information take a look on this site: http://pasotech.altervista.org/delphi/articolo94.htm (italian).

    bye.

    ReplyDelete
  2. Thanks Boris. It worked fantastically. I was having sleepless nights for this issue. God bless you !

    ReplyDelete