?
Solved

How do i get a computer trusted to a new domain without rejoining?

Posted on 2009-02-18
6
Medium Priority
?
242 Views
Last Modified: 2012-05-06
Hi Guys

I have recently reinstalled our server, because of a break down. Now i have a computer, that i do not wanna rejoin because of all the settings on the computer. The computer can logon to the domain but has to try several times. And i get this error in Eventviewer on the server

The computer TEC tried to connect to the server \\SASRV1 using the trust relationship established by the SA domain. However, the computer lost the correct security identifier (SID) when the domain was reconfigured. Reestablish the trust relationship.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

How can i get the computer trusted again? I have added the computer in the active directory.
0
Comment
Question by:tim_carter
  • 3
  • 3
6 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 23669270

If you have reinstalled the server and created a new Active Directory domain, you have no choice but to disjoin the PC and rejoin it to the new domain.

The act of creating a new domain will create new internal Security IDs (SIDs) in Active Directory. Even if the same server name, computer name, IP address and domain name are retained, the changed SID means the computer no longer trusts the domain, and you just disjoin and rejoin to generate a new SID and re-establish the trust.

-Matt
0
 
LVL 1

Author Comment

by:tim_carter
ID: 23669723
Hi Matt.

But cant i do that with some microsoft command tool?

Thanks
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 23669752

No. There's certain tools for when doing mass-deployments to prevent SID duplication. However, the only way you can safely have a new SID and computer account password negotiated with the new Active Directory domain is to disjoin and rejoin.

-Matt
0
Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

 
LVL 1

Author Comment

by:tim_carter
ID: 23669762
damn, ok. I will have to do that then. Isnt there really a smart way of moving a users profile? I have tried it before with some techniques. But the result was not stable. Thanks
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 2000 total points
ID: 23669864

Again, since you've created a new domain, the old profile isn't going to match up with the new internal SID identifiers and so on. The easiest way to save yourself from a lot of trouble further down the line is to let it create a new profile, and then you can copy over data from the old profile as you see fit.

-Matt
0
 
LVL 1

Author Closing Comment

by:tim_carter
ID: 31548202
Ok i se there is no easy way around it :) Thanks
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Can I legally transfer my OEM version of Windows to another PC?  (AKA - Can I put a new systemboard in my OEM PC?) Few of us are both IT and legal experts but we all have our own views of Microsoft's licensing rules and how they apply.  There are…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question