I have several erros in the system event log of my single Windows 2003 SP2 domain controller.

Multiple member computers on the domain are listed in these errors.
I am seeing two similar errors for each computer one second apart in the event log.

Event ID 7
Source KDC
The Security Account Manager failed a KDC request in an unexpected way. The error is in the data field. The account name was MEMBERNAME$@DOMAIN.LOCAL and lookup type 0x8.

followed by

Event ID 7
Source KDC
The Security Account Manager failed a KDC request in an unexpected way. The error is in the data field. The account name was MEMBERNAME$ and lookup type 0x8.

The Lookup Types are also different, I have 0x8, 0x28, 0x0, 0x20.

I am also receiving other authentication errors in the same time frame as all of the KDC errors

Event ID 5722
The session setup from the computer MEMBERNAME failed to authenticate. The name(s) of the account(s) referenced in the security database is MEMBERNAME$. The following error occurred: Access is denied.

I have run dcdiag /v to see if there was something wrong with Active Directory, but all tests passed. I also ran netdiag /v and it appers all of those tests ran.

Any ideas on where to start for this issue?

Thank you,

Keith Sirmons
  • 740
  • 3
  • 13
  • 23

2 Answers2


When there are Kerberos problems, it's probably dns. If it's not dns, it's probably dns

(From Marc Minasi)

As part of standard checkup, could you check:

  • Time. All AD members mustn't have more than 5 minutes difference from DC by default
  • dnsdiag: check that all dns zone are replicated
  • Do you have enough free space on DC ?
  • If you still have Windows 2000 DC/wks, you may check http://support.microsoft.com/kb/812499
Mathieu Chateau
  • 3,175
  • 15
  • 10

Here is what I did to fix errors with PCs that got 5722 error on the DC. From DC, Event Viewer, System Error: Date: 3/25/13 Time: 9:06:08 PM Source: NETLOGON Event ID: 5722 The session setup from the computer HyperV1 failed to authenticate. The name(s) of the account(s) referenced in the security database is AZSVR-HYPERV1$. The following error occurred: Access is denied.

How to fix error: From Workstation or server that is having the problems. Example Server with issue: HyperV1 Domain: BlueNetowork.local Domain Admininistrator User: JSmith DC server: BN-DC1

Command to run from CMD window open with "Run as Admin..."
Test to make sure it is a "problem computer does not have a valid secure channel established with a domain controller, you receive output that is similar to the following"
    C:\Users\administrator>nltest /sc_query:BlueNetowork.local
    Flags: 0
    Trusted DC Name
    Trusted DC Connection Status Status = 5 0x5 ERROR_ACCESS_DENIED
    The command completed successfully

How to Fix:
    Flush DNS & Arp:
        ipconfig /flushdns
        arp -d *

Restpwd with netdom:
    netdom resetpwd /server:<servername> /userd:<username>\Administrator /passwordd:*
    C:\Users\administrator>netdom resetpwd /server:BN-DC1 /ud:BlueNetowork.local\jsmith /pd:*
    Type the password associated with the domain user:

    The machine account password for the local machine has been successfully reset.

    The command completed successfully.

Test to see if fixed:
    C:\Users\administrator>nltest /sc_verify:BlueNetowork.local
    Flags: b0 HAS_IP  HAS_TIMESERV
    Trusted DC Name \\BN-DC1.BlueNetowork.local
    Trusted DC Connection Status Status = 0 0x0 NERR_Success
    Trust Verification Status = 0 0x0 NERR_Success
    The command completed successfully