Trust Relationship Error
-
The user ad id is having trust relationship error.
The admin password is not known means what can be done ?
The user ad id is changed the new password,when the user ad id is tried with the old password working but he does not admin rights to rejoin the domain.
What can be done for this scenario?? -
If the trust relationship is not working, that has to be fixed first. No user account will work until trust is established.
-
@scottalanmiller The user who already worked in that machine can login with the old password.What can be the troubleshooting done here ??
-
Without admin password? The next step is ask the admin to fix it. That's all that can be done. This isn't something that the end user can fix on their own. Only the admin can address this.
-
@scottalanmiller I am the admin to fix.The OTP will be there to check the admin password.
The otp will not work once the trust relationship error occurs -
@Lakshmana said in Trust Relationship Error:
@scottalanmiller I am the admin to fix.
The admin is the person with the admin password.
-
What is an OTP?
-
@scottalanmiller One Time Paasword
-
-
@scottalanmiller Whether OS reinstallation is the only way to go??
-
@Lakshmana said in Trust Relationship Error:
@scottalanmiller Whether OS reinstallation is the only way to go??
Should not be. Do you have any idea when this started? You could try removing from AD and rejoining.
-
Check the event log, maybe there are obvious errors. Check the time, check DNS.
-
@scottalanmiller The rejoining cannot be done because of the admin password will be asked for the rejoin window itself at that time also the trust relationship error occurs,the DNS changed the Time is correct only
-
@Lakshmana said in Trust Relationship Error:
@scottalanmiller The rejoining cannot be done because of the admin password will be asked for the rejoin window itself at that time also the trust relationship error occurs,the DNS changed the Time is correct only
Might need to reinstall then.
-
@Lakshmana Need to reinstall. Should have awhile ago if this was known. Better to do it in a controlled environment than have something like this happen
-
@Lakshmana said in Trust Relationship Error:
@scottalanmiller The rejoining cannot be done because of the admin password will be asked for the rejoin window itself at that time also the trust relationship error occurs,the DNS changed the Time is correct only
How can their be a trust relationship error if you haven't joined the domain yet?
- You need to unjoin the domain
- You need to fix the time
- You need to rename your computer
- You need to rejoin the domain
-
@Lakshmana said in Trust Relationship Error:
@scottalanmiller The user who already worked in that machine can login with the old password.What can be the troubleshooting done here ??
Cached credentials.
The PC can't authenticate anyone against AD, so it's relying on itself.
Domain admins as far as I know have to be authenticated against the domain. So, unless you know the local admin password, you are going to have a difficult time. -
@IRJ said in Trust Relationship Error:
@Lakshmana said in Trust Relationship Error:
@scottalanmiller The rejoining cannot be done because of the admin password will be asked for the rejoin window itself at that time also the trust relationship error occurs,the DNS changed the Time is correct only
How can their be a trust relationship error if you haven't joined the domain yet?
- You need to unjoin the domain
- You need to fix the time
- You need to rename your computer
- You need to rejoin the domain
Also, check AD for the old name and delete it if you find it. No sense keeping an old broken record.
-
There are other ways, apparently to fix without the unjoin/rejoin but I've never had them work on the multiple attempts that I've made to use them.
There is some good information here: https://community.spiceworks.com/topic/594585-the-trust-relationship-between-this-workstation-and-the-primary-domain-failed
-
You can simply unplug the Ethernet cable, reboot and login with the domain admin login. It then cant check the domain on reboot and should let you in. You can then fix the time, remove it, make a local admin user, reboot, rejoin to domain. done this many times in the past, if I am understanding you.