Event ID/Source search
Keyword searchExample: Windows cannot unload your registry file
Event ID: 63 Source: w32time
The time service cannot provide secure (signed) time to client because the attempt to validate its computer account failed with error 1317. Falling back to insecure (unsigned) time for this client.
|English: Request a translation of the event description in plain English.|
As per Microsoft: "This problem can occur when the password of the inter-domain trust account is not synchronized on both sides of the trust relationship". See ME816577 and ME892426 for more details on this issue.
The Microsoft article ME328701 might explain it.
This usual occurs because the domain controller can not validate the computer account. There are normally 2 reasons for this:
1) a DNS lookup failure, meaning it doesnt know wher to find the server to validate the information.
2) There is a problem with the computer account or the domain. Most of the time, a remove and readd to the domain fixes this issue.
NTP = Network Time Protocol, RFC 1305
SNTP = Simple Network Time Protocol, RFC 2030
The difference between SNTP and NTP is that SNTP is a simplified NTP but also with a modified header interpretation to accommodate Internet Protocol Version 6 (IPv6) and OSI addressing. SNTP Version 4 includes certain optional extensions to the basic Version 3 model, including an anycast mode and an authentication scheme designed specifically for multicast and anycast modes.
Seems that W2K uses SNTP4 and when tried to authenticate the caller computer, failed (error 1317 = "The specified user does not exist"). Then falen back to unsigned time. The caller will still obtain the time, so no problem.
I have a Windows 2000 Server acting as the NTP Time server within my environment. Whenever routers and switches set time from my 2K server, this warning is recorded in the event log. No need to repair. My routers and switches are not SNTP capable, but the time is properly set.
When adding a machine to the domain, it is recommend to reboot the workstation. However some helpdesk personal are also downloading windows updates and other device drivers and not rebooting right away. Narrowed down to any workstation after 20 minutes from adding to the domain and rebooting gets this error. Removing and adding back to domain fixed (as long as they did wait again).
Windows cannot provide secure time to client: also happens when computer account is disabled on the domain. Enable it using AD Users and Computers and it will disappear.
|Private comment: Subscribers only. See example of private comment|
|Links: ME328701, ME816577, ME892426, NTPv3=RFC1305, SNTPv4=RFC2030|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated