Broken trust after restoring domain controller?
Posted on 2014-08-18
We had to do a complete restore of one of our domain controllers. This server was not the primary domain controller.
After the restore I am unable to communicate with the server. If I log in from a domain computer I get an error saying "An authentication error has occurred. The specified network password is not correct. Remote computer: COMPANY-DC2".
If I log in using the IP address instead of the server name from a computer outside the domain, I am able to log in. Once I am logged in, I am able to reach network shares on the primary domain controller.
From the primary domain controller I am unable to reach the restored domain controller using the FQDN. When using the IP address I can access the network shares.
If I log in to the primary domain controller and open "Active Directory Users and Computers", right-click on the very top item (Active Directory Users and Computers [COMPANY-DC1]) and select "Change domain controller", I am presented with a list of my domain controllers. All the servers are listed as "Online", but if I try to select "COMPANY-DC2" I get an error saying "The following domain controller could not be contacted. A local error has occurred".
I think the trust relationship between the restored domain controller and the primary domain controller has broken.
Any tips on how to resolve this are greatly appreciated :)
The servers are running Windows Server 2012 R2.