Knowledgebase
emscom > emscom Help Desk > Knowledgebase

Search help:


Re-establish broken trust relationship

Solution

Fault:

Can not log in to server or workstation joined to a domain, using domain login credentials.

Cause:

Various but most common is the the server or workstation having been offline or disconnected from the domain controler for some time.  The effected systems domain password expires, breaking the trust relationship. 

Fix:

netdom resetpwd /Server:<domain controller> /UserD:<domain admin> /PasswordD:<domain admin's password>

Reboot

 

Notes:

Rejoining the domain will also resolve the fault and is typically advised as the recommended option. However, rejoining a domain requires access to a domain controller and may create further re-work,  within user profiles.  Rejoinging the domain should be a later resort.

The netdom commmand is included with post Vista versions of Windows.  The command is not included with Windows 2003 server, or XP but can be downloaded as part of the Windows 2000 and Wndows 2003 Server resource kits.

This procedure is not suitable for domain controllers, as additionanl steps are required to disable the kerberos ticket distribution service and clear the kerberos ticket caches on other domain controllers.

 

 
Was this article helpful? yes / no
Related articles Windows 2008 R2 Administrator access denied from console
Shared mailbox on secondary domain
Sky broadband with 3rd party router
DMARC cheat sheet
QNAP Shared Folders
Article details
Article ID: 38
Category: Windows
Date added: 24-04-2013 06:06:25
Views: 251
Rating (Votes): Article rated 3.2/5.0 (11)

 
« Go back

 
Powered by Help Desk Software HESK, in partnership with SysAid Technologies