Solved

How do I move a workstation from one domain server to another

Posted on 2014-12-14
5
177 Views
Last Modified: 2015-05-02
I have built a new Server 2012 and am trying to move workstations from the old server to the new one. The domain name is the same  company.local. When I move a computer to the new server and try and log in on the administrator account or a user that I have created on the new server (same name and password), I get   “The security database on the server does not have a computer account for this workstation trust relationship”. How do I get access to the new server on this box
0
Comment
Question by:KentMiller
5 Comments
 
LVL 15

Expert Comment

by:Ivan
ID: 40499170
Hi there,

New server that you have build is a domain controller or what? You said you created new server, but what is role of that server? If you had a DC server, which has failed, and then you created new server with DC role, then you have to rejoin that workstation to domain, and all other.

Can you explain a bit more what is going on?

The message you receive is fixed by removing workstation from domain (joining to a workgroup) and then you rejoin to a domain.

Regards,
0
 
LVL 1

Accepted Solution

by:
Mohammed Asish earned 500 total points
ID: 40499238
Since it’s a new Domain, please re-join the workstation to the new Domain

Log on locally as a local administrator. In the Network tool of Control Panel, select Change and enter a Work-group name, workstation leaves the domain.
Restart the computer and log on locally as a local administrator.

Now re-join the domain
There are two methods to re-join the domain:

A) You can join the domain from the client if at the same time you can provide an
     Administrator username and password on the domain.

   1) Plug in the network cable

   2) Right click on Computer (from desktop or start), Properties, Change Settings,    
       Change
   3) Type in the FQDN in the Member of, Domain field, ok
   4) Type in the Domain Admin username and password
   5) Should get a welcome message when joined successfully


B) You can delete the existing computer account in Server Manager, recreate the  
     Computer accounts, synchronize the domain, and then on the client re-join the
     Domain.
0
 
LVL 1

Expert Comment

by:Daniel Adler
ID: 40499273
Mostly people in this case are recommending to re-join the computer to the new domain BUT there are may other way...

Propably , this issue is because mismatch between attributes of the computer account in Active Directory and those values on the system itself.
To fix this issue when it happens.

1. Open Active Directory Users & Computers pointed to the domain the computer account resides in
From the “View” pull-down menu, make sure that “Advanced Features” is checked.

2. Navigate to the organizational unit (OU) structure where the computer account for this server resides.
3. Open the Properties for the computer object.
4. Choose the “Attribute Editor” tab on the Properties dialog box.
5. Check the Attributes dNSHostName & servicePrincipalName – anywhere that a fully qualified hostname is specified (e.g. myserver.company.local), make sure that the entry matches the hostname you have configured when you go here on your server: Start -> Computer -> Right-Click, Properties -> Change Settings (under “Computer name, domain… settings”) -> Full Computer Name
As an example, for 2008R2 server whose Full Computer Name is “srv1.company.local”, these attribute/value pairs should be in Active Directory:

dNSHostName:
srv1.company.local

servicePrincipalName:
HOST/SRV1
HOST/srv1.company.local
RestrictedKrbHost/SRV1
RestrictedKrbHost/srv1.company.local
TERMSRV/SRV1
TERMSRV/srv1.company.local

If you find that any of these entries is incorrect, go ahead and fix them!
once they all align correctly try logging in again.
**After you make any changes, please remember that it may take up to a few minutes for those changes to replicate between all of the Active Directory domain controllers.

Good luck ;)
0
 

Author Comment

by:KentMiller
ID: 40499285
I created the new server and gave it the following roles AD, DNS, DHCP and Print server. If I rejoin the (new)  domain  with a workstation, won't create a new profile on the workstation? I have Outlook set up in the profile and would like not to have to re setup Outlook and other shortcuts.

Also the previous tech did no set up folder redirection so the desktop and documents folder for the workstations are on the workstation. Can you direct me to who to setup folder redirection?

Thanks
Kent
0
 
LVL 1

Expert Comment

by:Daniel Adler
ID: 40499333
If you are interested in Active Directory Migration its different story..
here is a external article about step by step how to do migration of AD > HERE
and after successfully migration you'll do the steps i suggested above, there should be no reason for duplication..

My question is are you sure you want to do Folder redirection ?
Dont forget

* if you use Folder redirection for example for Documents and Desktop thats mean every user who under this policy will store their Documents and Desktop on some server or storage..
so calculate well with the space.  ((if dont know how many freedom the users have in your "company" but sometimes users love to store stuff on their desktop and documents,  sometimes maybe music, moves and it can eat your space very fast if there is big amount of users...))

* Folder redirection depend on the amount of file/size. can be reduce startup time... (for example, the secretary have 2 GB vacation photo folder in the desktop and tomorrow she moves to other computer, she have to wait until that workstation is downloading from the server that 2GB of Photo data during the logon process.

im not sure its always good idea. i prefer to use Home folder (home drive) and they can access to they data no matter where they logged on..

To set up folder redirection you have to apply Group policy on those OU, that contain the users..
in GPO:  User Configuration > Windows settings> Folder Redirection. right click on Documents an properties,
setting : Basic > Create folder for each user .. > rooth path: you give the path here to store all the data (\\storage\users) and click OK.
the same on Desktop folder.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now