Trust Relationship error

Hi,

Please could someone help.

We have an overseas rollout programme and recently while abroad had to 
rebuild 19 machines which were shipped and originally built back in the UK 
because of an error "trust relationship between this workstation and the 
primary domain failed", in addition to this we don't know what the cached 
account is and therefor have to totally rebuild these machines from the local 
DC as we are unable to logon to the domain. Essentially these machines become 
"BRICKS".

Does anyone know why in the first instance this is happening, and is there 
anyway in which we could logon to the PC (BTW the admin password also gets 
disabled during the build before being shipped over) in order to attempt to 
take the machine out of the domain and then rejoin?

Any information would be greatly appreciated.

Regards.
-- 
Flinty
0
Utf
11/24/2009 9:05:01 AM
windows.server.active_director 902 articles. 0 followers. Follow

2 Replies
1183 Views

Similar Articles

[PageSpeed] 4

Hello Peter,

To get you correct the local administrator account is disabled and you have 
no other local admin user, which can logon with cached credentials?

Are the machines with the broken trust created with an image that isn't syprepped?

So in the new location you have a DC belonging to the same domain as the 
19 machines and the machines are listed in AD UC? Or is this a different 
domain?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers 
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm 


> Hi,
> 
> Please could someone help.
> 
> We have an overseas rollout programme and recently while abroad had to
> rebuild 19 machines which were shipped and originally built back in
> the UK because of an error "trust relationship between this
> workstation and the primary domain failed", in addition to this we
> don't know what the cached account is and therefor have to totally
> rebuild these machines from the local DC as we are unable to logon to
> the domain. Essentially these machines become "BRICKS".
> 
> Does anyone know why in the first instance this is happening, and is
> there anyway in which we could logon to the PC (BTW the admin password
> also gets disabled during the build before being shipped over) in
> order to attempt to take the machine out of the domain and then
> rejoin?
> 
> Any information would be greatly appreciated.
> 
> Regards.
> 


0
Meinolf
11/24/2009 11:43:04 AM
If you are intentionally disabling the Admin account (Not the password as 
you mentioned) I would suggest you create a new account elevate it to be an 
admin and create a strong password on it.  You should have some way to gain 
access to the machine in the event of an error such as what you are 
experiencing.

Not sure if there is a third party tool to enable an account, but there are 
tools to change a forgotten password.

The loss of the domain connection is tough to provide you much (If any) 
info, since you haven't given any details such as event logs.  Did any 
events recently occur?  Are you sure you have full connectivity with your 
enterprise?  This kind of sounds like a dc was lost and an improper recovery 
at a site, or something a long those lines.

-- 
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"Peter F" <PeterF@discussions.microsoft.com> wrote in message 
news:A3D81E4B-6135-4070-AB68-45D3B6ED087E@microsoft.com...
> Hi,
>
> Please could someone help.
>
> We have an overseas rollout programme and recently while abroad had to
> rebuild 19 machines which were shipped and originally built back in the UK
> because of an error "trust relationship between this workstation and the
> primary domain failed", in addition to this we don't know what the cached
> account is and therefor have to totally rebuild these machines from the 
> local
> DC as we are unable to logon to the domain. Essentially these machines 
> become
> "BRICKS".
>
> Does anyone know why in the first instance this is happening, and is there
> anyway in which we could logon to the PC (BTW the admin password also gets
> disabled during the build before being shipped over) in order to attempt 
> to
> take the machine out of the domain and then rejoin?
>
> Any information would be greatly appreciated.
>
> Regards.
> -- 
> Flinty 


0
Paul
11/24/2009 1:29:25 PM
Reply:

Similar Artilces:

Which SIde of Trust to run SFO Client
Login onto a CRM Active Directory domain, whether or not its joined to domain, and I can go OFFLINE without errors in SFO. Login to the non-CRM domain which is part of a trust, it does not. But I can add the CRM users to my non-CRM local admins etc, so its showing the trust is working. Does anyone know if CRM SFO should ONLY be installed on the CRM side of a trust and then authenticate against that in order to open the SFO? Does this mean the trust talked about in CRM is only to access resources on a pre-ACtive Directory network? And thus it will not work in the way described? Many thanks...

Error 0x800CCC6F
My wife is unable to send messages from her laptop. The following error message keeps appearing: An unknown error has occurred. Subject 'Whatever next?', Account: 'Susan', Server: 'mail.virgin.net', Protocol: SMTP, Server Response: '554 Sorry, this message is rejected here.', Port: 25, Secure(SSL): No, Server Error: 554, Error Number: 0x800CCC6F At other times, she is told that no account is specified. However, all the usual boxes seem to contain all the usual info, and everything worked fine until recently. Any ideas? Many thanks. Jack Jwtemp <jwte...

Linker errors #3
Hi, I have been managing couple of MFC projects in VS .NET2003, but for a particular project this is the structure:- A.dll, DLL linking to static MFC. B.lib, Static library linked to static MFC C.lib, Static Library linked to static MFC. Now I have project dependencies on B and C in A. Well I get clashes for the below functions, which I have been overcoming using /FORCE linker option and logically it seems ok to me as all the memory allocations/deallocations go through one routine after resolutions. I am a bit wary about what I am doing and feel I could fall into subtle runtime issu...

FP: Script not found Error !!! In DEX
Hi All, While coding in Dex Ver 10.00.0089, Am facing a problem. Am tryning to write script in Post event of a field in a window. While trying to set the debug pointer, i see the debug pointer inactive. Ignoring this, i created the chunk, but after i exploded and during the post of that field, am getting an error "FP: Script not found " and the script does not execute... i fetched the form, the base : Field, data type, and format... with no change in result. Am still getting the error... This is only with the post script of this field.. rest every where am able to see the de...

Exchange Error help
I am getting the following error in my event log on my exchange server. I have already stop/started the exchange services as well as removed/re added the exchange server from the exchange domain server group. Last week I did add the /3gb switch for our memory to be used correctly. Any help would be awesome. Event Type: Error Event Source: MSExchangeSA Event Category: General Event ID: 9187 Date: 6/29/2005 Time: 8:41:24 AM User: N/A Computer: SYNMAIL1 Description: Microsoft Exchange System Attendant failed to add the local computer as a member of the DS group object 'cn=Exchange ...

Error Handling
Pretty new to error handling - if they haven't selected required fields how can I subsitute a personalized message rather than the generic "You must enter a table/field field" and make sure the personalizxed doesn't come up followed by the generic access message? Thanks! -- Message posted via AccessMonster.com http://www.accessmonster.com/Uwe/Forums.aspx/access-modules/201005/1 szag via AccessMonster.com wrote: >Pretty new to error handling - if they haven't selected required fields how >can I subsitute a personalized message rather than the generic...

Error in SO Manager
I have installed RMS onto a machine and created a database and linked up fine but I can not open the Store Ops Manager it comes up with error bad file name or number I have tried uninstalling and reinstalling the POS works fine but the Manager just will not open Any Suggestions Open Store Ops Administrator, File/Configuration. Look at the paths and templates tabs. Verify that the paths and files listed there actually exist. There are also a couple of settings on the Register Tab that you might want to verify as well. Glenn Adams Tiber Creek Consulting http://www.tibercreek.com...

Sharepoint.dll error
On a 10.0 client install w/SP2, when launching GP, I am getting "Microsoft.Dynamics.GP.Sharepoint.dll Form Business_Desk_Sharepoint_Interop does not exist in the dictionary. Parameter Name: formname. To install, I uninstalled .net 3.0 sp1 and .net 2.0 sp1. I added the 2.0 sp1 back in. What is causing this error, Business Portal/Sharepoint is not installed. ...

Trust Center
Microsoft office excel security notices pop up is displayed when I start Excel 2007 to either "enable macros" or "disable macros" I enabled the 3 of them I go to "Excel Options" -- "Trust Center" -- "Trust Center Settings" The "Trusted Locations", "add new location", "remove" and "modify" are greyed out Trusted Locations was okay two weeks ago when I updated to 2007 and added the location paths to my startup files with macros embedded in them. Where do I change the policy for this re...

Creating Relationship with Entity Contact
-- Jaber ...

script error, cant get to any mail
When I open Office and try getting in my email, I get "a script erro has occured". My folders all load, but when I click on a folder to ge to that mail, I see that error. My email is a hotmail account.... -- jessicathedance ----------------------------------------------------------------------- jessicathedancer's Profile: http://www.officehelp.in/member.php?userid=585 View this thread: http://www.officehelp.in/showthread.php?t=131489 Posted from - http://www.officehelp.i ...

Windows
Hi - hope someone can help I get the following message: exception processing message c00000013 75b6bf7c 4 75b6f7c 75b6bf7c This just started for no apparant reason. The message won't cancel, try again or continue. It returns after re boot. Compter still runs fine - just can't get rid of the message. Only recent program addition was Quicken 2010 - how ever this error message didn't happen immediately after it was loaded. I did find some threads on this but nothing there that seemed to directly address this issue. Running XP Home edition version 2002 Service Pac...

e2k mail undeliverable error
Hi we're trying to move from exch5.5 to exch2000. Both exchanges are in different organisations. We've done all the necessary steps. exch 5.5 can receive/send mail from itself and 2000. Exch 2000 can send/receive mail to itself but not to exch 5.5. The error is " /O=TEST/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=55u3 on 29/03/2005 5:36 PM A configuration error in the e-mail system caused the message to bounce between two servers or to be forwarded between two recipients. Contact your administrator. <waitest.test.com.pg #5.4.6> " Further, we can see exch 5...

Macro to change X-axis scale has errors
I've read and studied code from a number of posts on this subject but my "newbie" macro code has errors. I have the minimumscale value and maximumscale value (entered by the user) stored in Sheet1 at $E$2 and $F$2. My chart is in Sheet2. This is my complete macro: Sub ChangeXAxisScale() ' ' ChangeXAxisScale Macro ' With Worksheets("Sheet2") With ActiveChart.Axes(1, 1) .MinimumScale = Range("$E$2").Value .MaximumScale = Range("$F$2").Value End With End With End Sub I know I am missing s...

trust relationsship
for the first time in about 10 years I got a message this morning "The trust relationship between this workstation and the primary domain failed." Dont even know how this comes about. Any ideas on how to fix this? I really dont want to take it off the domain just to put it back because of the profiles. Thanks, Raul Rego Raul wrote: > for the first time in about 10 years I got a message this morning > "The trust relationship between this workstation and the primary > domain failed." > Dont even know how this comes about. Any ideas on ho...

testApp error LNK2005: "unsigned long * Table_CRC16" (?Table_CRC16@@3PAKA) already defined in CRCTest.obj
Hi, all. I have only one line in my project head file, unsigned long Table_CRC16[256]; When I compile the project ,there is no complier error ,but when link this project ,it will turn out the error like the subject detailed. testApp error LNK2005: "unsigned long * Table_CRC16" (?Table_CRC16@@3PAKA) already defined in CRCTest.obj Could anybody tell me the root cause? Any helpful ideas would be highly appreciated! -ja "ja" <josndrsn@yahoo.com> schrieb im Newsbeitrag news:%23CjHBJ9zGHA.4228@TK2MSFTNGP06.phx.gbl... > Hi, all. > ...

Error message "The connection to the server has failed. Account: 'mail.xxxx.com', Server: 'mail.xxxx.com', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: 10060, Error Number: 0x800CCC0E"
When I setup the mail account, the account can send and receive email. BUT, when I setup the email account in home it cant send email, but it can receive email and show the following error message: "The connection to the server has failed. Account: 'mail.xxxx.com', Server: 'mail.xxxx.com', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: 10060, Error Number: 0x800CCC0E" What can I do? Brian Brian, It sounds like you have a firewall blocking port 25.try to telnet to a mail server out on the internet and see what happens. If your firewall is blocking ...

Error Code 80070424 04-12-10
Has anyone encountered this error code before? If so, any suggestions on how to correct this issue? Lisam wrote: > Has anyone encountered this error code before? If so, any suggestions on how > to correct this issue? 0x80070424 ERROR_SERVICE_DOES_NOT_EXIST Answers: Yes. Yes, there are suggestions. Here's one: http://groups.google.com/group/microsoft.public.windowsupdate/tree/browse_frm/thread/8c21f9c7d2256af0/60947bdc253b804f?hl=en&rnum=1&q=0x80070424+Vista+MVP+group%3Amicrosoft.public.windowsupdate&_done=%2Fgroup%2Fmicrosoft.public.windowsupdate%2Fbr...

trusts
I would like to set up one way trusts with exchange I have two different sites currently we use rpc over http for our remote site. Currently the remote site has its own domain name. I want to put an exchange server on the remote site and allow it to still see all the contacts of the larger company but I don't want it to be able to add to the global catolog on the main local exchange server. could you point me in the right direction. -- Mark Roshak Are both locations part of different AD Forests (and thereby different Exchange Orgs)? If yes: - to synchronize GALs between the 2 Org...

ExMerge pukes...error in ntdll.dll
Running ExMerge Version v6.5.7408.1 on Exchange 2003 SP1, under an exchange admin account. I step through the wizard, enter the name of the server, then the info store, hit next. It looks like it begins to read mailboxes and then just dies, throwing an exception in the event log in ntdll.dll. To rule out permissions, I log onto a different exchange server in the same org, with the same account, and am able to extract and merge to/from the IS on the original server. Further, on the original server, it doesn't matter which server in our exchange org I select. It can read the SG...

Exchange 5.5 Error Message
Good Day, I would like to know if theres is any way to modify the undeliverable error messages that exchange generates. The wording is very ambiguous. Thanks, Jerome Not out of the box, no. On Fri, 1 Oct 2004 12:57:14 -0700, "Jerome Hernandez" <jerome@5thscale.com> wrote: >Good Day, > >I would like to know if theres is any way to modify the undeliverable error >messages that exchange generates. The wording is very ambiguous. > >Thanks, >Jerome > So is there a third party I could use? Thanks in advance "Andy David - Exchange MVP"...

Error in OE Great Plains version 7.2
Hi: Running Great Plains 7.2 on a Mac OS 9.2 machine. After entering sales order data in the OE module, we get "can't find form" error message. We've rebooted to no avail. Any help would be appreciated. Just to confirm, you are using Great Plains Accounting and not Great Plains Dynamics? Can you post the complete error message, exactly as it appears? I have some old manuals and tech notes in storage and will take a look at them upon your response. Lyle On Fri, 24 Sep 2004 09:02:04 -0700, Casey Turton <Casey Turton@discussions.microsoft.com> wrote: >Hi: >Run...

Error in OL2002
I get the follwiong error when I clik on one of the PSTs (does not have a name in it, just the plus sign. the set of folders could not be opened. the requested information store could not be found in the active profile Can anybody point me how to clean this up? Also note: In the MAIL options under control panel, the DATA files look fine (only one valid entry), but under the accounts, it shows 2 blank entries where you can select the defualt mail store. Help please! THANKS! Try creating a new mail profile. -- Jocelyn Fiorello MVP - Outlook *** Messages sent to my e-mail address wil...

Headquarters Error
This is a multi-part message in MIME format. ------=_NextPart_000_0015_01CA19B3.1DB545E0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit Does anyone know how to resolve the following Headquarters error: <<CStateMachine::ExecuteState>> Error 7: Not enough storage is available to complete this operation. (Unhandled Error, state = '9') I received the error while running a Worksheet 401. My environment is the following: Server 1 Windows Server 2003 SP2 SQL Server 2000 EE SP4 4 GB ...

1 to 1 relationship
I have created a custom entity called Licensing. This entity will contain all of the license configurations per serial number that our accounts have. I created a relationship between the Licensing Entity and Accounts. Works great, I can select the licensing record (serial number) for the account on the Account form. My problem is I want the licensing to be restricted to only one account. Licensing is controlled by our serial number, I want a serial number to only be linked to one account, basically each record in the Licensing entity can only be linked to one account. The way it is now ...