You must have faced this error message “There are currently no logon servers available to service the logon request” or the security database on the server does not have a computer account for this workstation trust in your IT career.
In this post, you’ll get to know that there are many reasons and solution based on the Windows client and server systems.
Mostly, you’ll get an error like, “there are currently no logon servers available to service the logon request” or the security database on the server does not have a computer account for this workstation trust on the below domain-joined Windows systems:
- Windows Client OS
- Windows 7
- Windows 8
- Windows 10
- Windows Server OS
- Windows Server 2008 R2
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
Cause and Solutions
This issue come, when you try to login on the domain-joined system and anyhow the client is not able to reach to a domain controller for credentials verification.
As I said earlier, there could be many reasons for the error message “There are currently no logon servers available to service the logon request”.
Let’s discuss its cause and solutions one by one.
Fix Stuck Service issue (Netlogon)
You may check the Netlogon service status by login with the local administrator account.
Because if its statue is stopped or stuck that could be the reason it’s not able to communicate with the domain controller.
I’ll share the steps to fix the stuck service state, which you can try for any service:
- Firstly, find the service name of stuck service. e.g. Netlogon
- Enter services.msc in Run box or CMD
- Or use Get-Service command in PowerShell
- Use below PowerShell scripts to kill the respective process ID and start the stuck service.
# Mention stuck service name in this variable e.g. "Netlogon" $ServiceName = "Netlogon" # Get process ID of respective stuck service name $id = Get-WmiObject Win32_Service -Filter "Name LIKE $ServiceName" | select -expand ProcessId # Stop the process ID forcefully Stop-Process -Id $id -Force # Now check the current service name and start the service Get-Service $ServiceName | start-service
You need to perform below steps to check if system’s network is connected and getting IP address:
You can check the network connectivity for Windows client OS (Windows 7, 10) by any following commands:
- Start –> Run –> ncpa.cpl –> OK
- CMD –> ipconfig /All
- PowerShell –> Get-NetAdapter
You can check the all network adapter connection details by above commands.
- if its status is showing disconnected, please check cable or Wi-Fi connectivity.
- You may also check by disabling and enabling the network adapter
- You can also use single line PowerShell commands to re-enable
- Get-NetAdapter | Restart-Netadapter
- Please check if it’s getting an IP address from DHCP server.
- If the cable is connected but not getting an IP address, then please check if IP address is available on the DHCP respective Scope.
- You can also check by the reset network adapter
- Type netsh winsock reset and select Enter.
- Type netsh int ip reset and select Enter.
- Type ipconfig /release and select Enter.
- Type ipconfig /renew and select Enter.
- Type ipconfig /flushdns and select Enter.
Windows Server and VM
For example, if using a Windows server system or virtual machine then need to perform below steps also in addition to the above:
- Many times found that LAN cable is connected properly but still one of network adapter status shows disconnected.
- You need to restart the network adapter in this case and it’ll be OK.
- This steps would be helpful as no reboot will be required.
- For the Virtual machine, you may disconnect the virtual network adapter and connect back.
- you may give try by a reboot If the above solution doesn’t work.
Most importantly, you also need to check for correct DNS entries on the systems.
If DNS server entry is wrong or DNS server is not reachable then that could also be the cause of this error “there are currently no logon servers available to service the logon request”.
Domain Controller unavailability
You’ll also find that in case of domain controller unavailability we face this issue.
It could be not reachable due to network, DNS, server OS or hardware issue. So accordingly you need to troubleshoot.
You must have more than one Domain controller at site for high availability.
Domain Trust Broken
I’ve also experienced many times that network, domain controller, Windows OS are working properly. The only issue that network resources are not accessible in this case.
This happens mostly when domain trust is broken between client and domain but I don’t understand why it’s happening in the running server.
Many times you may also receive a different error message like “The trust relationship between this workstation and the primary domain failed or Error the security database on the server does not have a computer account for this workstation trust”
I know that you certainly know its solution by rejoin to domain. But that is time taking and complex solution like remove from domain and reboot and then rejoin.
I’ll show you a easy way to fix it without reboot the system.
Firstly, you need to verify the secure channel status between workstation and primary domain controller.
##Fix Error the security database on the server does not have a computer account for this workstation trust error # Testing secure channel status Test-ComputerSecureChannel -Verbose False VERBOSE: The secure channel between the local computer and the domain example.com is broken.
If you’re also getting same False result similarly above then certainly you need to repair secure channel to fix this issue.
- Login with the local administrator account
- Verify local network is OK
- Run below PowerShell commands to repair it
# Test secure channel and repair it. Test-ComputerSecureChannel -Repair -Credential (Get-Credential)
You must have enough AD rights to execute above repair commands successfully.
- If that doesn’t work you may check by reset computer account in Active Directory.
- If still have the same issue after that I recommend you to perform the manual domain rejoin time taking solution. Please check for the steps in the next section.
Stale Computer Account
Stale computer accounts are those computer account in Active Directory which are inactive because of not connected to domain for a long duration.
In other words, if you are going to connect a system which was shutdown or disconnected from network for some months, then you’ll definitely get the error.
As per your domain policy the duration of marking system inactive can be different than default 180 days.
In this case if computer account hasn’t been deleted then can follow the above Domain Trust Broken section steps.
If your computer account has been deleted from Active Directory, in that case you need to rejoin the computer with below steps:
- Login with local administrator account
- Run below cmd commands to unjoin from domain
netdom remove computername /domain:domainname /reboot
- Then after reboot again login with local administrator account and run below cmd to rejoin
netdom join computername /domain:domainname /reboot
- Reboot again and then you can login with domain account.
By default, in Active Directory any authenticated users (normal user account) can join up to 10 computers to a domain.Domain Joining Tips
Please also take following course for more learning….
Error “There are currently no logon servers available to service the logon request” or Error the security database on the server does not have a computer account for this workstation trust. In this post, you’ll get to know that there are many reasons and solution to solve this error. Now you’ll be able to solve many domain network-related issues.
Please also check our other posts on this site for more learning. 🙂
You may also check this page for more info.