Broken trust relationship: NT/2000 workstation and domain.
Posted: Tue Apr 22, 2003 3:12 pm
This problem may occur when you have a multi boot situation between different instances of NT/2000, each of which gives the workstation the same computer name, but also each of which use a different SID. Only one of the OSs will have the correct trust relationship to the domain, as stored by the controller.
There are 2 ways of fixing this on a permanent basis. Either make sure that the SID is the same in each OS instance by using a utility such as "newsid" from http://www.sysinternals.com/ or by giving the workstation a different computer name in each of the OSs.
To correct the problem once it arises, you can do one of two things:
1. Delete the computer account from the domain controller with Server Manager. On the workstation, change from the domain to a workgroup, reboot, and then rejoin the domain.
2. Use a utility called "netdom" which can be found as part of the NT 4 Resource Kit. To fix the problem so that Workstation is now trusted by Domain, authenticating to Domain as User, issue the following command:
netdom /user:User /domain:Domain member:Workstation /joindomain
There are 2 ways of fixing this on a permanent basis. Either make sure that the SID is the same in each OS instance by using a utility such as "newsid" from http://www.sysinternals.com/ or by giving the workstation a different computer name in each of the OSs.
To correct the problem once it arises, you can do one of two things:
1. Delete the computer account from the domain controller with Server Manager. On the workstation, change from the domain to a workgroup, reboot, and then rejoin the domain.
2. Use a utility called "netdom" which can be found as part of the NT 4 Resource Kit. To fix the problem so that Workstation is now trusted by Domain, authenticating to Domain as User, issue the following command:
netdom /user:User /domain:Domain member:Workstation /joindomain