After importing the Group Policy management pack in SCOM it started picking up events on a customer network like these:
Windows cannot bind to [domain name] domain. (Invalid Credentials). Group Policy processing aborted.
Just a few hundred of them, so needed some investigation.;)
This issue can be caused by a number of reasons, I will list a few:
- Machine account in domain is not correct anymore. Fix by taking out of domain and re-adding to domain
- Check if it has other domain verification issues. Run netdom verify command.
- domain controller it is trying to talk to does not exist. Check in DNS.
- There is a user logged on who has had a password reset in the meantime. Check for logged on users that have been disconnected or forgot to log off for some time (days or more).
In this case the last option was bingo.
Lots of users logged on for days or more at console or through rdp and this company has a password policy for every 6 weeks.
The server is trying to run through group policy processing for both the machine accout and the logged on user acconts.
So in this case logged off some users with very long disconnected times and sure enough this fixed the issue.