Solved

local user password missing, trust relationship failure, cannot reset via AD or NETDOM

Posted on 2011-09-08
10
638 Views
Last Modified: 2012-06-27
trust relationship between this wkstn and primary domain failed and local user passwords now incorrect

Can someone assist me with this error?  This is a win7 pro Pavilion dv4 laptop which had an aborted system restore operation.  Prior to the restore, I checked local administrator logon to ensure I could access the local domain.  

The restore operation aborted w/out successful completion - it was making no progress after over an hour (this was a simple restore to a point 4 days prior - should not take anywhere near that long) and the laptop powered down on it's own after this.  Power options were set to HD never when plugged in.

when I rebooted, I could not log onto the network, and am now getting password incorrect when attempting to log onto the local computer domain.

On the windows side, I've tried resetting the account in Active Directory and the NETDOM command to fix - both to negative results.

I need to access the local domain, i can then rejoin to the network.  Can anyone offer helpful hints for this?  thanks in advance.
0
Comment
Question by:Gordo9
10 Comments
 
LVL 21

Accepted Solution

by:
Joseph Moody earned 250 total points
ID: 36502283
0
 

Author Comment

by:Gordo9
ID: 36502417
tx, Jmoody10 - am going down the list, options and trying them.  As soon as I have a resolution, i'll post here.

0
 
LVL 21

Expert Comment

by:Joseph Moody
ID: 36502429
Ok. If that list doesn't work, I have a tool I can upload that is free.

I just wanted to show you other solutions first (because I wouldn't trust a tool someone uploaded)
0
 
LVL 3

Expert Comment

by:saurabhsehgal
ID: 36502511
If the user has logged on the machine before, then just unplug the network cable\switch off wireless and see if it lets you to logon using cached credentials
Then you can reset the local administrator password and if needed rejoin to the domain

This issue can also occur if the UserAccountControl value of the DC whom the client contacts is not the default of what it should be of a DC 532480
So please check that as well
0
 
LVL 70

Expert Comment

by:KCTS
ID: 36502522
You need to take the machine out of the domain, then add it back in again.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:Gordo9
ID: 36502665
Trinity rescue Kit got the job done.  Nice and quick, too.  Thanks to JMoody10 for the solution!
0
 
LVL 21

Expert Comment

by:Joseph Moody
ID: 36502666
Not a problem!
0
 

Author Closing Comment

by:Gordo9
ID: 36502670
excellent took kit (trinity rescue) and other links look good, too -
0
 

Author Comment

by:Gordo9
ID: 36502730
jmoody and all other contributors on this thread - gotta share this with you.

After logging onto the LPT at the local domain, I proceeded to confirm local user passwords, admin access, etc, then went to rejoin the computer to the network.  Mind you, I'm logged on as the local domain, not network.

I choose to remove from my network and add to workgroup (nice and vanilla) - and am prompted with an access popup requiring that I enter network admin credentials that would allow me to remove the wkstn from the network!

Gents, i've been in this business for years, and this is the first time I've been required to pass access in order to remove something - it's always been for joining.

All I can say is, I"m glad this weird logjam was cleared up.  Has anyone else ever seen this happen?

tx,

0
 
LVL 21

Expert Comment

by:Joseph Moody
ID: 36502746
It is a weird one! You should have been able to enter your local password (even though it prompted for network) to remove it though.

Basically, just an extra security precaution before you bring that network connection (which was already broken...)
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now