You may receive this error along with event id 3210 or 5721 (5722 on the domain controller) if you changed the name of your computer, you used an old ERD, or your computer account was removed from the domain.

The secure channel between the member computer and the domain controller has been broken. To fix this, you would normally perform many steps using Server Manager and booting of the member machine to a workgroup before being able to rejoin the domain.

Using NETDOM from

you can reset the secure channel from the command line of the wounded member computer (or any domain controller or working member that has admin access to the wounded member):

   NETDOM MEMBER \\WoundedMember /JOINDOMAIN

If your domain is named MyDomain, you will receive messages similar to:

    Searching PDC for domain MyDomain
    Found PDC \\MyDomainPDC
    Querying domain information on PDC \\MyDomainPDC
    Querying domain information on computer \\WoundedMember
    Computer \\WoundedMember is already a member of domain MyDomain.
    Verifying secure channel on \\WoundedMember
    Verifying the computer account on the PDC \\MyDomainPDC
    Resetting secure channel ...
    Changing computer account on PDC \\MyDomainPDC
    Stopping service NETLOGON on \\WoundedMember .... stopped.
    Starting service NETLOGON on \\WoundedMember .... started.
    Querying user groups of \\WoundedMember
    Adding MyDomain domain groups on \\WoundedMember

    The computer \\WoundedMember joined the domain MyDomain successfully.

    Logoff/Logon \\WoundedMember to take modifications into effect.