• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 22905
  • Last Modified:

"The name or security ID SID of the domain specified is inconsistent with the trust information for that domain"

I recently started on a Windows 2003 test domain.  I have 6 Windows 2003 servers (SERVER1-6) all patched with all the security updates and antivirus.  I ran DCPROMO on SERVER1; it’s now my only DC, DNS server, WINS server, and DHCP (which is not being used at this point).  I created a new user (USER1) and made USER1 a member of DOMAIN ADMINS, SCHEMA ADMINS, and DOMAIN USERS.  I can log on to SERVER1 as USER1 with no problems.  Now on SERVER2, I join the test domain with no problems using the USER1 account I created.  I now try to log onto SERVER2 as USER1 and receive this error message “The name or security ID SID of the domain specified is inconsistent with the trust information for that domain”.  I can log on to SERVER1 as this user and I log on to SERVER2 as the local admin but I can not log on to SERVER2 as USER1.  Thanks in advance for you time.
1 Solution

Try readding the server in the domain, looks like something went wrong when the server was added to the domain. So first, make sure to "add" the 2 server to a workgroup (kinda like deleting it from the domain) and check the AD Users & Computers if the server 2 is in the AD. If so, delete it and add the server to the domain again.

If this doesn't work, you could try to reset the account after it is created within the domain..
kbws1Author Commented:
I did all of the above and it still didnt work so i just demoted SERVER1 back to a standalone server and then ran DCPROMO again and promoted back to a DC and then everything worked great.  
The cause of this problem is most likely because you ghost imaged the servers to each other. This means they all have exactly the same SID and the member server cannot join to the DC with the same SID. To resolve this, take the member server off the domain, run ghost walker to reset the SID on the member server, then rejoin and this will fix the problem.
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!


I had the same problem and i used NewSid program http://www.sysinternals.com/ntw2k/source/newsid.shtml
It chenaged the SID automaticlly (for those who don't know how to use ghost walker) and everything works fine

Jupp, this worked for me too, but the link posted by aleex is dead. Here is the new link: http://www.microsoft.com/technet/sysinternals/Utilities/NewSid.mspx
Thank you gentlemen, I actually just did that and now the server is rebooting.  I just checked here to see if anyone has posted any additional tips.  I will let you know the results
Thank you gentlemen for your help; the NewSid did the trick.  I am good to go for the exchange install next.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now