asked on

Trust relationship between a Win10 client and a Windows Server

I recently had a problem with a Windows Server 2016 Standard Edition. The motherboard and memory modules were replaced and I had to restore from an image backup from two months earlier.

On bringing up the restored system then the trust relationship between the clients and the server was broken. I followed the normal process of switching the clients to a Workgroup and then re-joining the domain.

Was the trust relationship broken because of restoring an old backup or the replacement of the motherboard ?

Could someone explain how the trust relationship works please ?

ASKER CERTIFIED SOLUTION

Paul MacDonald

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Andrew Porter

It's the restoring from backup that caused the trust relationship to break. This is due to the machine changing its AD machine password. The machinepasswordage registry setting (or local security policy setting) will tell you how often that password is being changed.

William Fulks

Basically, your computers each have what's called a "secure channel password" that refreshed every X (set by sys admins - default is 30, I think, but some set it longer) number of days with the server. It's a background thing that it does to maintain that trust. Since you did the system restore from two months prior, you put that password out of sync and had to rejoin the computers. It's a deeply imbedded security thing.

William Fulks

I was typing that as the other two replied...didn't mean to echo.

Dave Ellis

ASKER

Thank you for the three experts who responded.

This weekend was the planned date for a secondary domain controller to be installed on the site - but the failure of the PDC happened two days earlier.....

Thanks again.