"The name or security ID SID of the domain specified is inconsistent with the trust information for that domain"

Posted on 2004-08-30
Last Modified: 2011-08-18
I recently started on a Windows 2003 test domain.  I have 6 Windows 2003 servers (SERVER1-6) all patched with all the security updates and antivirus.  I ran DCPROMO on SERVER1; it’s now my only DC, DNS server, WINS server, and DHCP (which is not being used at this point).  I created a new user (USER1) and made USER1 a member of DOMAIN ADMINS, SCHEMA ADMINS, and DOMAIN USERS.  I can log on to SERVER1 as USER1 with no problems.  Now on SERVER2, I join the test domain with no problems using the USER1 account I created.  I now try to log onto SERVER2 as USER1 and receive this error message “The name or security ID SID of the domain specified is inconsistent with the trust information for that domain”.  I can log on to SERVER1 as this user and I log on to SERVER2 as the local admin but I can not log on to SERVER2 as USER1.  Thanks in advance for you time.
Question by:kbws1
LVL 23

Accepted Solution

rhandels earned 300 total points
ID: 11933868

Try readding the server in the domain, looks like something went wrong when the server was added to the domain. So first, make sure to "add" the 2 server to a workgroup (kinda like deleting it from the domain) and check the AD Users & Computers if the server 2 is in the AD. If so, delete it and add the server to the domain again.

If this doesn't work, you could try to reset the account after it is created within the domain..

Author Comment

ID: 11945748
I did all of the above and it still didnt work so i just demoted SERVER1 back to a standalone server and then ran DCPROMO again and promoted back to a DC and then everything worked great.  

Expert Comment

ID: 12916209
The cause of this problem is most likely because you ghost imaged the servers to each other. This means they all have exactly the same SID and the member server cannot join to the DC with the same SID. To resolve this, take the member server off the domain, run ghost walker to reset the SID on the member server, then rejoin and this will fix the problem.
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.


Expert Comment

ID: 13273967

I had the same problem and i used NewSid program
It chenaged the SID automaticlly (for those who don't know how to use ghost walker) and everything works fine


Expert Comment

ID: 20013775
Jupp, this worked for me too, but the link posted by aleex is dead. Here is the new link:

Expert Comment

ID: 35181247
Thank you gentlemen, I actually just did that and now the server is rebooting.  I just checked here to see if anyone has posted any additional tips.  I will let you know the results

Expert Comment

ID: 35184203
Thank you gentlemen for your help; the NewSid did the trick.  I am good to go for the exchange install next.

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question