NetLogon 3210 events are logged after MSA renews its password in Windows Server 2012 R2

This article describes an issue that occurs after the Managed Service Account (MSA) renews its password in Windows Server 2012 R2. You can fix this issue by using the update rollup in this article. 
Symptoms
When this issue occurs, the security channel connection to the domain controller is disrupted. And the system starts to report NetLogon 3210 events that look like this:


Log Name: System
Source: NETLOGON
Date: date time
Event ID: 3210
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: computer_name
Description:
This computer could not authenticate with \\computer_name, a Windows domain controller for domain domain_name, and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator.

Note To recover from this issue, you must restart the computer or restart the NetLogon service.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
Learn about the terminology that Microsoft uses to describe software updates.
Properties

Article ID: 3155088 - Last Review: 05/17/2016 19:11:00 - Revision: 1.0

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Essentials, Windows Server 2012 R2 Foundation, Windows 8.1 Enterprise, Windows 8.1 Pro, Windows 8.1, Windows RT 8.1

  • kbsurveynew kbfix kbexpertiseinter kbqfe KB3155088
Feedback