Your account has expired. Please see your system administrator.

Your account has expired. Please see your system administrator.
* Note, this is the computer account.

The security database on the server does not have a computer account for this workstation trust relationship.

 
From Microsoft

Log on locally as a local administrator. In the Network tool of Control Panel, select Change and enter a Workgroup name, leaving the domain. Restart the computer and log on locally as a local administrator.There are two methods to rejoin the domain:

  • You can join the domain from the client if at the same time you can provide an administrator username and password on the domain.-or-
  • You can delete the existing computer account in Server Manager, recreate the computer account, synchronize the domain, and then on the client rejoin the domain.

 

These are the possible causes of the account expired

01 – Date/Time is set incorrectly
02 – Missing domain suffix – possibly from a failed GPO or DHCP server
03 – SPN may not be updating correctly
04 – Duplicate SPN on the DC – http://technet.microsoft.com/en-us/library/cc733945(WS.10).aspx
04 – Computer Account conflict/corrupted – disjoin/rejoin
05 – There is a user domainName\MachineName in the local administrators, remove it from the administrators group
06 – A Windows update failed

* Simplest fixes: check time and/or disjoin/rejoin machine to domain 

 

Try this out on the Domain Controller:

From a DC/AD server

ldifde -f C:\SPNs.txt -t 3268 -d dc=domain,dc=com -l serviceprincipalname -r (serviceprincipalname=*) -p subtree

In the above command, replace DC=domain,DC=com with the DN of the domain. To check if duplicate SPN is present.

The issue could be a duplicate HOST or entry for the server found in a service account

OR

A) Start > Run > ADSIEDIT.MSC

B) Go to Domain Partition and mark the affected computer

C) Rightclick and Properties.

D) Doubleclick ServicePrincipalName

E) Add new value: HOST/yourcomputername.yourdomain.xyz or whatever HOST is missing.

 

Reference

http://social.technet.microsoft.com/Forums/windows/en-US/31905c1a-5c25-4426-ac8d-677004c21f5d/the-security-database-on-the-server-does-not-have-a-computer-account-for-this-workstation-trust?forum=itprovistanetworking

http://technet.microsoft.com/en-us/library/cc957199.aspx

http://virtualcurtis.wordpress.com/2011/03/02/fix-the-security-database-on-the-server-does-not-have-a-computer-account-for-this-workstation-trust-relationship/

http://social.technet.microsoft.com/Forums/windowsserver/en-US/eb0b6761-d468-4dc1-a90a-451ae78d409b/the-security-database-on-the-server-does-not-have-a-computer-account-for-this-workstation-trust?forum=winserverDS

http://technet.microsoft.com/en-us/library/ee849847(v=ws.10).aspx

 

email me