Solved

The security database on the server does not have a computer account for this workstation trust relationship on a domain controller

Posted on 2011-03-15
4
1,727 Views
Last Modified: 2012-06-27
I have a domain controller that I built recently with the goal of migrating my windows 2003 domain up to windows 2008. The domain in question is a child domain in a larger forest. Everything was working smoothly until I installed the Identity Management for UNIX component. I rebooted the domain controller and now I get this message when I try to log in.

The security database on the server does not have a computer account for this workstation trust relationship

I've seen this before on workstations, and through removing them from the domain, and then adding them, that goes away. But I can't log on locally to a domain controller, so I have no idea how I can rejoin the system to the domain.

Anyone have ideas on how to fix this?
0
Comment
Question by:labops
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35141058
You can try resetting the machine password of the DC   http://support.microsoft.com/kb/325850

Any error events in your logs?

I personally haven't run into the issue (i.e. installing the Unx component and having this issue)

Thanks

Mike
0
 
LVL 2

Author Comment

by:labops
ID: 35141774
Thanks for the tip, it was unsuccessful though in solving my issue. The event logs show no errors except in the applications logs where there are a couple errors, I'll paste them in here.

Source: IDMU Server for NIS
Event ID: 4098, Server for NIS has stopped.
Event ID: 8196, This copy of Server for NIS is not licensed or the license has expired.

Source: IDMU Password Synchronization
Event ID: 16386, Default encryption key is insecure. Please generate new encryption key.

Source: Security-Licensing-SLC
Event ID: 1001, The Software Licensing Service failed to start. hr=0x80070002


these all repeat every time there's been a reboot.
0
 
LVL 2

Author Comment

by:labops
ID: 35142279
I've since removed the identity management for UNIX component in directory services restore mode, but still have the same issue.

the error logs that I see now are as follows

applicaton log
source: security-licensing-slc
eventID: 1001, The Software Licensing service failed to start. hr=0x80070002, [2, 4]

system log
source: Service Control Manger Eventlog Provider
eventID: 7026, The following boot-start or system-start driver(s) failed to load: spldr

All other event logs are clean of errors

0
 
LVL 13

Accepted Solution

by:
upalakshitha earned 500 total points
ID: 35143805
issue this command in DSRM admin mode cmd
secedit /configure /cfg %windir%\inf\defltbase.inf /db defltbase.sdb /verbose
restart & try
http://support.microsoft.com/kb/313222
that command supports server 2008
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question