How do i get a computer trusted to a new domain without rejoining?

Hi Guys

I have recently reinstalled our server, because of a break down. Now i have a computer, that i do not wanna rejoin because of all the settings on the computer. The computer can logon to the domain but has to try several times. And i get this error in Eventviewer on the server

The computer TEC tried to connect to the server \\SASRV1 using the trust relationship established by the SA domain. However, the computer lost the correct security identifier (SID) when the domain was reconfigured. Reestablish the trust relationship.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

How can i get the computer trusted again? I have added the computer in the active directory.
LVL 1
tim_carterAsked:
Who is Participating?
 
tigermattConnect With a Mentor Commented:

Again, since you've created a new domain, the old profile isn't going to match up with the new internal SID identifiers and so on. The easiest way to save yourself from a lot of trouble further down the line is to let it create a new profile, and then you can copy over data from the old profile as you see fit.

-Matt
0
 
tigermattCommented:

If you have reinstalled the server and created a new Active Directory domain, you have no choice but to disjoin the PC and rejoin it to the new domain.

The act of creating a new domain will create new internal Security IDs (SIDs) in Active Directory. Even if the same server name, computer name, IP address and domain name are retained, the changed SID means the computer no longer trusts the domain, and you just disjoin and rejoin to generate a new SID and re-establish the trust.

-Matt
0
 
tim_carterAuthor Commented:
Hi Matt.

But cant i do that with some microsoft command tool?

Thanks
0
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

 
tigermattCommented:

No. There's certain tools for when doing mass-deployments to prevent SID duplication. However, the only way you can safely have a new SID and computer account password negotiated with the new Active Directory domain is to disjoin and rejoin.

-Matt
0
 
tim_carterAuthor Commented:
damn, ok. I will have to do that then. Isnt there really a smart way of moving a users profile? I have tried it before with some techniques. But the result was not stable. Thanks
0
 
tim_carterAuthor Commented:
Ok i se there is no easy way around it :) Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.