Sunday, December 29, 2019

Domain Trust Relationship issue on a recently migrated server

This is something you have probably seen: being unable to log in to a server because of a domain trust relationship failure. I wrote a related post in the past, which can be found here: The-trust-relationship-between-this workstation.....


This week I came across the same issue again. My team was able to fix it temporarily by removing the server from the domain and then re-joining it; however, after a few hours the same issue recurred, and this happened two or three times in a week (a computer account reset didn't work for this machine).

While looking for the cause of the issue, the first thing we checked was DNS, and when we tried ping or nslookup, the DNS server was not reachable.

We then connected to one of the other machines in the network to check name resolution and found that the IP assigned to this machine was non-existent; when we checked by hostname, we found there was another machine in the network with the same name but a different IP address.

On checking further, we found that this server had recently been migrated from on-prem to cloud and someone had inadvertently started the on-prem servers (probably for patching, etc.), which caused the hostname conflict and, as a result, this DNS and trust relationship failure.

Once we figured out the cause and powered off the on-prem server, fixing the issue was as simple as waiting some time for the server name to update in DNS, or forcing it by re-registering the server with DNS using the following command in elevated mode (run cmd as administrator):

C:\> ipconfig /registerdns

It may take a few minutes before you can log in using hostname\user.
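The checks described above can be scripted. This is an added example, not part of the original post: it compares the A records DNS returns for this server's name with the IPv4 addresses actually bound to it, then tests the domain secure channel. It assumes Windows PowerShell 5.1 in an elevated session on the affected domain-joined server; the variable names are illustrative.

```powershell
# Added example: detect a hostname/DNS mismatch like the one in this post.
# Assumes Windows PowerShell 5.1, elevated, on the domain-joined server.

$domain = (Get-CimInstance -ClassName Win32_ComputerSystem).Domain
$fqdn   = '{0}.{1}' -f $env:COMPUTERNAME, $domain

# IPv4 addresses actually bound to this machine (skip loopback and APIPA).
$localIPs = @(Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -ne '127.0.0.1' -and $_.IPAddress -notlike '169.254.*' } |
    ForEach-Object { $_.IPAddress })

# What DNS says the name resolves to. -DnsOnly skips LLMNR and NetBIOS,
# so the answer comes from the DNS server and not from a local broadcast.
$dnsIPs = @()
try {
    $dnsIPs = @(Resolve-DnsName -Name $fqdn -Type A -DnsOnly -ErrorAction Stop |
        Where-Object { $_.IPAddress } |
        ForEach-Object { $_.IPAddress })
}
catch {
    # In the case described in the post the DNS server was unreachable from
    # the affected machine, so the lookup had to be repeated from another host.
    Write-Warning "DNS lookup for $fqdn failed: $($_.Exception.Message)"
    Write-Warning 'Repeat the lookup from another machine on the network.'
}

# An A record that is not one of our own addresses points at a different machine.
$foreign = @($dnsIPs | Where-Object { $_ -notin $localIPs })
if ($foreign.Count -gt 0) {
    Write-Warning "$fqdn resolves to $($foreign -join ', '), which is not bound here."
    Write-Warning 'Another host may be registering the same name (duplicate hostname).'
}

# Test-ComputerSecureChannel returns $true when the machine account's
# secure channel to the domain is healthy.
$channelOk = Test-ComputerSecureChannel

[pscustomobject]@{
    Name            = $fqdn
    LocalAddresses  = $localIPs -join ', '
    DnsAddresses    = $dnsIPs -join ', '
    ForeignRecords  = $foreign -join ', '
    SecureChannelOk = $channelOk
}
```

A non-empty ForeignRecords value together with SecureChannelOk = False matches the situation in this post: fix the name conflict first, then re-register with DNS.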

Update: 04/06/2020

While working on a related issue, I found some new PS commands that were added to our toolset to resolve this issue; the related blog can be found here: https://theitbros.com/fix-trust-relationship-failed-without-domain-rejoining/


That's it... :)

