Re-joining the EECS domain fixes this, but a simpler solution is also reported to work: * Unplug your ethernet connection (wireless users may have a physical switch to disable wireless).
* Login with your EECS account as normal (it will used cached credentials).
* Reconnect ethernet cable (or enable wireless).
* Logout, and then test that you can successfully login normally (while connected) again.
[2015-06-12 15:49:33 | Lars Rohrbach]
If you haven’t already patched and rebooted your Windows devices following installation of the June Microsoft patches, we recommend waiting — and working with your system administrator to plan for dealing with this NETLOGON error, just in case it affects your machine.
System administrators will want to make sure that a local account with administrative privilege is available, so that one can use it to login and re-join the EECS domain if necessary.
[2015-06-17 10:30:51 | Lars Rohrbach]
We believe the NETLOGON problem that affected some EECS domain clients is now resolved. If you haven’t already patched and rebooted, you should proceed with routine patching.
The problem appears to stem from a mismatch between two computer object attributes in Active Directory which are typically set by the client machine: dNSHostName and servicePrincipalName. Machines that exhibited the NETLOGON failure had a dNSHostName that includes the domain suffix (e.g. “MYHOSTNAME.eecs.berkeley.edu”) but had values in servicePrincipalName that did not (e.g. “RestrictedKrbHost/MYHOSTNAME”); adding a matching servicePrincipalName (“RestrictedKrbHost/MYHOSTNAME.eecs.berkeley.edu”) allowed logins to work normally again.
We have made this adjustment for all relevant computer objects in the EECS domain. Note that there are still valid reasons to receive the original error message, such as not being online or having the computer account removed from Active Directory. If you do still have any trouble logging in, feel free to email help@eecs.