“The local security authority cannot be contacted” – Remote Desktop

“The local security authority cannot be contacted” – Remote Desktop

by | 2 min read
Published:
Updated:

I recently had to restore several virtual machine servers from a previous snapshot. Unfortunately, the domain controller snapshot was taken at a different time than the other machines.

All seemed well as I logged on to each machine remotely with the domain administrator account. That was until one of them returned with the following error:

An authentication error has occurred. The Local Security Authority cannot be contacted.

This could be due to an expired password. Please update your password if it has expired. For assistance, contact your administrator or technical support.

The Local Security Authority cannot be contacted. This could be due to an expired password.

The error suggests that the password could have expired on the account. From Googling around it is apparently possible to log in with the local administrator account and reset the password. In my case, I couldn’t log in to the local account remotely and still got the same error above.

It was possible however to log in from the VMWare console and get access to the box. I was a bit reluctant to reset the domain administrator password considering I could log on to the other boxes. When logging on locally with the domain administrator account I got this error:

The trust relationship between this workstation and the primary domain failed.

So what causes this problem? Well, every 30 days the machine’s private secret which is shared with the domain controller changes. Unfortunately, that private secret changed between the dates the snapshots were taken on the two machines.

The fix from Microsoft for this is to remove the computer from the domain controller and rejoin it but this isn’t always possible and is a bit heavy-handed.

To fix this you need to log on locally as the local administrator and run the following in PowerShell.

$credential = Get-Credential

You will be prompted for account credentials at this point. You should use the domain administrator account for this. Then run the following:

Reset-ComputerMachinePassword -Credential $credential -Server dc.dev.local

The server should be the hostname of the domain controller.

If this errors it might be because you are using PowerShell 2 instead of 3 which doesn’t support the credential parameter. In this case, just run this and you should be prompted for credentials.

Reset-ComputerMachinePassword -Server dc.dev.local

You should now be able to log in as the domain administrator again.

I haven’t tried it myself but others have also had success with the following command:

Test-ComputerSecureChannel -Repair -Credential $credential

If this gets you out of a tight spot please leave a comment below.


🙏 Was this helpful? If you want to say thanks, I love coffee ☕️ , any support is appreciated.


ALSO ON ALEXHYETT.COM

What is Event Driven Architecture?

What is Event Driven Architecture?

  • 14 April 2023
One of the leading architecture patterns used with microservices is event-driven architecture. Event-driven architecture has many benefits…
Hosting n8n for Free with Railway

Hosting n8n for Free with Railway

  • 30 January 2023
I have been using n8n for a couple of months now, and it has allowed me to automate so much of my daily workflow. These are some of the…
Using GitHub Actions to Deploy to S3

Using GitHub Actions to Deploy to S3

  • 26 March 2021
Recently I went through the process of setting up Drone CI on my Raspberry Pi. The plan was to use my Raspberry Pi as a build server for…
Getting Started with AWS Step Functions

Getting Started with AWS Step Functions

  • 12 March 2021
I have recently been looking into AWS Step Functions. For those not familiar with them, Step Functions are Amazon’s way of providing a state…
Useful Docker Commands Worth Saving

Useful Docker Commands Worth Saving

  • 12 February 2021
I use docker every day. All the applications I write at work or at home end up in docker containers. Most of the time though, I am only…
Grafana Monitoring on a Raspberry Pi

Grafana Monitoring on a Raspberry Pi

  • 28 January 2021
As you might have seen from my last few posts I have quite a lot running on my Raspberry Pi. I am currently using a Raspberry Pi 2 B which…
How to set up Drone CI on Raspberry Pi (and why you shouldn't)

How to set up Drone CI on Raspberry Pi (and why you shouldn't)

  • 27 January 2021
I wanted to put together my home build server using my Raspberry Pi. After looking at the options I picked Drone CI, it has a nice interface…
Traefik vs Nginx for Reverse Proxy with Docker on a Raspberry Pi

Traefik vs Nginx for Reverse Proxy with Docker on a Raspberry Pi

  • 20 January 2021
I use my Raspberry Pi as my own personal home server. Up until recently, I have been using nginx as a reverse proxy for my docker containers…