Solved

Trust Relationship Failure between exchange server 2010 and DC

Posted on 2010-09-01
4
1,836 Views
Last Modified: 2012-05-10
I was going thru the steps of removing an old exchange 2003 from our network  recently. In the morning when I tried to login to the new exchange server 2010 I recieved an error and could not get into the domain administrator account on the 2010 exchange.  "The trust relationship between this workstation and the primary domain failed".  I searched online and there is much stated about reset of the exchange sever account in the DC (windows 2008 (32bit)).  Email is working inbound and outbound  on the exchange 2010.  The 2003 exchange server is still up and running I have two more steps to complete (removing the recipient update service and then removing exchange thru add/remove programs) before I completely remove the old exchange 2003 fom the network.  The old server 2003 functioned as a primary DC in the past. Now the new primary DC is a server 2008. I can login to the exchange 2010 via local administrator, but not on the domain administrator, nslookup from the local admin shows correct dns and domain. If I reset the exchange server 2008 AD account will that stop my email flow, if it does not log back in the domain for some reason? Is there any other way I can get my domain administrator account to allow login to my exchange 2010 box?    
0
Comment
Question by:ajc2c
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33576460
You can run netdom to reset the secure channel password this will not affect your email flow since currently you are not connected to the domain.

http://www.howtonetworking.com/vista/resetsecurechannel.htm

Your Exchange server should only point to your DC for DNS and your DC should only point to other DCs for DNS in their TCP\IP properties
0
 
LVL 16

Expert Comment

by:uescomp
ID: 33576944
This can happen if the clocks are not synced between your domain controller and your Exchange server.  Kerberos authentication requires that the clocks be within 5 minutes of each other by default.  Check time, time zone, date etc.. and make sure they are the same.
0
 

Accepted Solution

by:
ajc2c earned 0 total points
ID: 33629198
The issue was that the old server had been the PDC and exchange server.....it has not been demoted found online....I resorted to shutdown on the old server as it was not being utilized for anything and I could login to my new exchange without a problem.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33629205
You need to do a metadata cleanup then
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question