I work in level 2 support for a large company. We work in a moxed environement with Novell and Active Directory. A week or so ago, i started getting tickets with the following error message when the user would try to log in. "the trust relationship between this workstation and the primary domain failed". This is usually a simple fix. I usually remove them from the domain on the workstation side by changing them from a domain to a workgroup, then reboot. I then remove thier WSID(Work Station ID) from AD on the server side, wait a few minutes for the domain servers to propagate. Then ill re-add the workstation to the domain on the workstation side by changing them from a workgroup to the domain. This DOES fix the issue BUT. I have had some of the same users come back to me a day or 2 later with the same problem.
Here are some similarities with the user.
1) They are all newly added machines to AD. All machines that have been in AD seem to be unaffected.
2) This occurs on laptops only it seems. I figured out that this happens after a machine looses the network connection and after a reboot or it falls asleep. i.e. user closeses thier laptop instead of shutting down the machine. unplugs from the network, tries to start up the computer at a later time and the trust error occurs.
3) I just re-imaged a machine and added it to the directory so it seems un-likley that this is a client side issue. I can duplicate this problem by: Letting the machine fall asleep, unplugging the network cable, then starting the machine back up and plugging in the network again.
Are we missing something here? Are there to many machines in Active Directory? I didn't think there was a limit. Are there to many machines in 1 container? Is there a limit on how many machines can be in a container? We have 3 domain servers. Are they not syncing? HELP. I need someone who knows a lot about the inner workings of AD very well.
Start Free Trial
