Solved

Trust Relationship Failure between exchange server 2010 and DC

Posted on 2010-09-01
4
1,908 Views
Last Modified: 2012-05-10
I was going thru the steps of removing an old exchange 2003 from our network  recently. In the morning when I tried to login to the new exchange server 2010 I recieved an error and could not get into the domain administrator account on the 2010 exchange.  "The trust relationship between this workstation and the primary domain failed".  I searched online and there is much stated about reset of the exchange sever account in the DC (windows 2008 (32bit)).  Email is working inbound and outbound  on the exchange 2010.  The 2003 exchange server is still up and running I have two more steps to complete (removing the recipient update service and then removing exchange thru add/remove programs) before I completely remove the old exchange 2003 fom the network.  The old server 2003 functioned as a primary DC in the past. Now the new primary DC is a server 2008. I can login to the exchange 2010 via local administrator, but not on the domain administrator, nslookup from the local admin shows correct dns and domain. If I reset the exchange server 2008 AD account will that stop my email flow, if it does not log back in the domain for some reason? Is there any other way I can get my domain administrator account to allow login to my exchange 2010 box?    
0
Comment
Question by:ajc2c
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33576460
You can run netdom to reset the secure channel password this will not affect your email flow since currently you are not connected to the domain.

http://www.howtonetworking.com/vista/resetsecurechannel.htm

Your Exchange server should only point to your DC for DNS and your DC should only point to other DCs for DNS in their TCP\IP properties
0
 
LVL 16

Expert Comment

by:uescomp
ID: 33576944
This can happen if the clocks are not synced between your domain controller and your Exchange server.  Kerberos authentication requires that the clocks be within 5 minutes of each other by default.  Check time, time zone, date etc.. and make sure they are the same.
0
 

Accepted Solution

by:
ajc2c earned 0 total points
ID: 33629198
The issue was that the old server had been the PDC and exchange server.....it has not been demoted found online....I resorted to shutdown on the old server as it was not being utilized for anything and I could login to my new exchange without a problem.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33629205
You need to do a metadata cleanup then
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question