Server 2008 R2 (SBS2011) – DNS Access Denied – Network (Unauthenticated)

Server 2008 R2 (SBS2011) – DNS Access Denied – Network (Unauthenticated)

Recently I had a client with an SBS2011 who lost power to the server. Client PCs were unable to access the server resources and errored saying that the PC may have been compromised.

When the server had rebooted the network location had changed to Unauthenticated. When trying to access the DNS console I was getting an error saying Access Denied.

See below for reference:

DNS Access Denied

DCDiag was failing on connectivity but Active Directory Users and Computers was accessible.

After a while I managed to resolved the error by running the below command followed by a reboot:

nltest /sc_change_pwd:domainname.local

Command Description:
Changes the password for the trust account of a domain that you specify. If you run nltest on a domain controller, and an explicit trust relationship exists, then nltest resets the password for the interdomain trust account. Otherwise, nltest changes the computer account password for the domain that you specify. You can use this parameter only for computers that are running Windows 2000 and later.

Once the server had rebooted the network location changed back to ‘Domain’ and DNS was accessible. All client machines was then able to access the server.

Comments on my blog have indicated that this fix also works with Server 2012 R2.

17 Replies to “Server 2008 R2 (SBS2011) – DNS Access Denied – Network (Unauthenticated)”

  1. OMG. After 3 hours of research and almost resorting to a restore, I found your fix and it worked for me also on 2012 R2. Thank you so much!

  2. legend. spent a couple of hours trying to deal with this problem this morning. It randomly started happening after a reboot. nothing else we tried worked, but this certainly did the trick! happy days.

  3. Hey guys figuring out the same error after installing microsoft updates and did a reboot of the server. I guess I have to change “domainname.local” into my specific domainname?

    nltest /sc_change_pwd:domainname.local

    Thanks!

    1. Hi Andy,

      Yes that’s correct, replace that section with your specific domain name.

      Hope that resolves it for you.

      Dave

    2. Now after rebooting the server it took 30 min to hit ctrl alt del to log on, after log on the desktop will be prepared, now the state is a blue background and the gui wont show up since 60 min 🙁

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: