Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Server 08 RDS Issue

Posted on 2011-05-03
12
Medium Priority
?
1,638 Views
Last Modified: 2013-04-02
I am troubleshooting an issue for a friend, they have a RDS server (server 08) that is a hyper-V vm and it was working fine until the other day. No recent changes have been made that i am aware of. When trying to RDP into the box and use your domain login, i receive this message:
 the trust relationship between this workstation and primary domain failed

I can ping the DC from this server and i see the computer object for this server in AD.
I get other errors also in the event viewer such as:
3210 - stating it could not authenticate with the DC
1067 - The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: Access is denied.
1055 - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one or more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
0
Comment
Question by:Cobra25
  • 4
  • 3
  • 3
  • +2
12 Comments
 
LVL 5

Expert Comment

by:SaadAhmedFarooqui
ID: 35629090
are other computers able to authenticate with the Domain controller?
0
 
LVL 4

Author Comment

by:Cobra25
ID: 35629756
yes, only this one has this issue.
0
 
LVL 5

Expert Comment

by:SaadAhmedFarooqui
ID: 35652425
Check the DNS entries, are they pointing to the DC?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Accepted Solution

by:
0x6 earned 2000 total points
ID: 35690655
From the command prompt of the RDS server what is the output of:
nslookup

Usually it is the DC's FQDN and IP

Example:
C:\>nslookup
Default Server:  DCname.domain.com
Address:  192.168.1.10

If it is pointing to the DC, then the trust relationship between the DC and the RDS server is broken. So you have to: (Before doing any of this, make sure it is done in your maintenance window or in the time frame when users are not affected. Also have the local Admin password for the RDS box.)

Reset the computer account for the RDS server in AD.
Join it to a Workgroup, which would sever its ties from the Domain. Restart it.
Login with the local Admin account. Join it to the Domain again, hopefully with no errors. Restart it.
Try to login with the domain account.

Let us know.
0
 
LVL 4

Author Comment

by:Cobra25
ID: 35695806
0x6, yes i did this already and it took care of the issue.

What i was worried about is that if users were going to lose their user profiles when they logged in again (since i took it off the domain and rejoined it). I havent heard anything yet, so i'm assuming since the domain name did not change, their user profiles were not affected. Does this sound right to you?
0
 
LVL 5

Expert Comment

by:SaadAhmedFarooqui
ID: 35695890
Yes, their existing profiles will be used.
0
 
LVL 4

Expert Comment

by:0x6
ID: 35697014
Good to know the issue is resolved. Correct. User profiles should not be affected.
0
 
LVL 4

Author Comment

by:Cobra25
ID: 35702581
Any idea why the trust would just break?
0
 
LVL 4

Expert Comment

by:0x6
ID: 35703858
The reason for this is computer/member server password mismatch with the domain.
Computers change their password every 30 days by default which has to be in-sync with the domain, and at that time if there was a miscommunication or network issue between the DC and a server then the passwords don't get synchronize, hence 'a broken trust'.
0
 
LVL 4

Author Comment

by:Cobra25
ID: 35703867
Oh ok, that makes sense.
0
 
LVL 40

Expert Comment

by:Philip Elder
ID: 35794095
On the off chance was the RDS's time wrong? VMs sometimes have issues with holding time.

Philip
0
 

Expert Comment

by:technjeep
ID: 39042559
If you have trouble logging into the machine that's having this issue, just unplug the network cable and then log in.  Once you get logged in you can plug it back in and follow the procedure above.  

Thanks guys.
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question