After changing the GPO for my password policy, users were forced to update passwords. One of the users, connected by site-to-site VPN (SonicWall TZ-150 to TZ-190), kept getting his account locked out. His application event log is showing 1030 and 1006 events.
“windows cannot bind to domain. (invalid credentials). group policy processing aborted”
His system log is showing 40961 errors:
“The Security System could not establish a secured connection with the server LDAP/Server.Domain.local. No authentication protocol was available.”
Using VNC, I disjoined his computer from the domain, setting it to a workgroup, deleted the computer account in the ADUC, then rebooted and rejoined the domain. Still getting the exact same problems.
Drives mapped to the primary DC don’t work, drives mapped to a member server do work. Outlook is currently working as well. His logon script is not running so there must be some problem connecting to the netlogon folder.
There must be some credentials cached somewhere that I need to find and clear.