0X00000A45

Workstation record missing user account (0X00000A45) – fix

Windows Errors Intermediate 👁 1 views 📅 May 29, 2026

This error shows up when a workstation's record in the domain has no user account attached to it. The fix is to recreate the computer account or reassign a user.

When does this error show up?

You'll see this error when a client computer tries to connect to a shared printer or a network share on a Windows Server (2012 R2 through 2022, and Windows 10/11). The exact message is: The user account for this workstation record is missing with error code 0X00000A45 (sometimes shown as decimal 2629). It also pops up in event logs under source NETLOGON or WORKSTATION.

The trigger is almost always a workstation that was joined to the domain, then removed from the domain and re-joined, or a computer account that was manually created in Active Directory Users and Computers (ADUC) but the user account field in the workstation's registry or profile got deleted or never set.

Root cause – plain English

Every workstation record in the domain has two key pieces: a computer account (the machine's name) and a user account (the user who owns or uses that machine). When you join a computer to the domain, Windows creates both. But if someone deletes the user account from AD, or if the workstation was added to the domain through a script that skipped the user field, the record gets orphaned. The server looks at the workstation record, sees the computer name, checks for a linked user account, finds nothing, and throws 0X00000A45.

The fix is to either reassign a user account to that workstation record, or delete the stale workstation record and let the client re-register properly.

Fix – step by step

I prefer the second option – delete the record and re-join – because it's cleaner. But if you can't touch the domain admin console, use option 1.

Option 1: Reassign the user account (faster, no reboot)

  1. On the domain controller, open Active Directory Users and Computers (dsa.msc). Go to the Computers container or the OU where the workstation lives.
  2. Right-click the workstation name (the computer account) and select Properties. (If you don't see it, turn on Advanced Features from the View menu.)
  3. Click the Managed By tab. You should see an empty field next to Name. If it has a name but it's wrong, click Change.
  4. Click Change and type the user's login name (like john.doe). Click Check Names – it should underline the name. Hit OK.
  5. Back on the Managed By tab, check the box Enable branch to set user account. (If it's already checked, uncheck and re-check it.)
  6. Click Apply and OK. Close ADUC.
  7. On the client computer, open a command prompt as admin and run gpupdate /force. Then restart the workstation.
  8. Try the network connection again. If the error is gone, you're done.

Option 2: Delete the stale workstation record and re-join (more reliable)

If Option 1 doesn't stick (the field clears again), the computer account itself is corrupted. Do this instead.

  1. On the domain controller, go to Active Directory Users and Computers. Locate the workstation's computer account.
  2. Right-click it and choose Delete. Confirm the deletion. The workstation record is gone.
  3. On the client computer, open an elevated PowerShell or Command Prompt.
  4. Type netdom remove <workstation-name> /domain:<domain-name> (replace with your stuff). Hit Enter. This removes any remaining local references.
  5. Reboot the client.
  6. Join the domain fresh: go to Settings > Accounts > Access work or school. Click Connect and follow the domain join wizard. Or use a command: Add-Computer -DomainName <domain> -Restart.
  7. After the reboot, log in with a domain account. The error should not reappear.

What to check if it still fails

If the error returns after Option 2, you've got a deeper issue. Check these three things.

  • DNS: The workstation must be able to resolve the domain controller. Run nslookup <domain-controller-name>. If it fails, fix your DNS settings on the client's NIC (point it to the DC's IP).
  • Time sync: Kerberos demands clocks within 5 minutes of each other. On the client, run w32tm /resync. If it errors, set the PDC manually: w32tm /config /manualpeerlist:<PDC-IP> /syncfromflags:manual /reliable:yes /update.
  • Duplicate computer accounts: Sometimes another workstation has the same name in AD. Use Get-ADComputer -Filter {Name -eq "your-workstation"} to see all matches. If you find more than one, delete the extra ones (carefully – pick the right one based on creation date).

If none of that works, you might have a corrupted SAM database on the client. That's rare, but you'd need to reset the machine's local security accounts. In that case, the fastest path is to wipe the system and re-image.

Was this solution helpful?

0X00000A45 NERR_RplWkstaNeedsUserAcct workstation record missing user account Windows domain error computer account missing Active Directory workstation fix user account missing from workstation record error 0X00000A45 fix workstation account Windows Server 2019 workstation error