Losing trust relationship with domain
I have about 30 C90LE7's deployed in my environment joined to the domain. Citrix Desktop Lock is installed so when a domain user logs in, they are presented with a Citrix XenApp Desktop, and not the WES7 desktop.
If a thin client is rebooted or off the network for 30 days, the next time a user attemps to log in they are presented with a domain trust relationship error. What is happening is the WES7 thin client is requesting a machine account password change with the domain controller and the thin client does not retain the password after a reboot. From everything I've read in the Wyse Knowledge Base and else where, the RegFilter in WES7 should automatically retain the password. I'm using C90LE7 image BCB0_0827_4096.
Anyone else experience this problem?
This is concerning. I read the same technote and i also did some digging in the registry under the regfiler section. It does have a section for the mac account allowed through the regfilter.
Did you have to modify the reg filter to overcome this?
Originally Posted by mpsliva
I have experienced something similar to this after a power outage. The trust relationship on several Z90 w/ WES7 is broken and I have to rejoin them to the domain. A huge pain. If anyone has any suggestions, I would also like to know.
I’m also seeing the same thing on Z90D7’s after a power outage, glad it's not just me. 2 out of 30 had it happen last time, don’t know what the rhyme or reason for it is. I may open a support case, but I’ve been pretty disappointed in support lately. Anything somewhat complicated seems to become an unsolved mystery that no one ever contacts me back on.
We had a similar issue when first rolling out 60 C90LE7 thin clients. After 30 to 45 days of use in the domain, the trust relationship would break. Found an alternate method of having users login, but still interested in an actual resolution.
Don't suppose anyone has gotten anywhere with this? I still have z90's that randomly lose their trust. Sometimes after a power failure, sometimes not. Very frustrating and tech support so far hasn't been any help.
Originally Posted by DSHUE
Ultimately, I created a GPO that disabled the machine password change. RegFiltering did not work for me. I haven't had to rejoin a C90LE7 to the domain since I created the GPO.