• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 207
  • Last Modified:

VM Failover - Is it safe to remove and then add original VM back to the domain?

Failing over to a Sharepoint server replica (or export), and then failing back, led to a network SID error (backup solution was VEEAM), and the server had to be removed from the domain, and then added back in.

Is this 'safe'?  Are there any possible AD problems than can arise with Sharepoint?

Just asking because Sharepoint seems in particular to be very picky about things that perhaps other servers don't seem to care about.

  • 2
  • 2
1 Solution
JAN PAKULAICT Infranstructure ManagerCommented:
Unjoining will cause a lot of problems like recreated SID's and will leave you with a lot of extra work.

As you only lost trust relationship just change  your computer password using the Reset-ComputerMachinePassword cmdlet from Powershell v3.

Reset-ComputerMachinePassword [-Credential <PSCredential>] [-Server <String>]

Powershell v3 ships with the latest version of Windows and can be downloaded from Microsoft:


Or change your computer password using netdom.exe!

netdom.exe resetpwd /s:<server> /ud:<user> /pd:*

<server> = a domain controller in the joined domain

<user> = DOMAIN\User format with rights to change the computer password

Open an administrative command prompt. On Windows platforms with UAC enabled, you will need to right-click on cmd.exe and select "run as Administrator".

Type the following command: netdom.exe resetpwd /s:<server> /ud:<user> /pd:*
Reboot the machine.

Here is more information on netdom.exe: http://support.microsoft.com/kb/325850
NeoDavidShepherdAuthor Commented:
Thank you for that very detailed response!

What I don't understand though is 'as you only lost trust relationship, just change your computer password'.

If I have a replicated VM that has lost it's trust relationship, and still have the original I need to go back to after the test...  are you saying changing the password will resolve the switching back and forth?

Color me surprised... as i thought a lost trust meant you HAD to add it back to the domain as the only solution.

Thank you, and sorry that apparently I have a 'hole' in my brain regarding trusts.
JAN PAKULAICT Infranstructure ManagerCommented:
"computer password" which allows authentication between domain controller and given pc (not user password eg admin)

look at this one:

NeoDavidShepherdAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now