Trust Relationship error

Hi,

Please could someone help.

We have an overseas rollout programme and recently while abroad had to
rebuild 19 machines which were shipped and originally built back in the UK
because of an error "trust relationship between this workstation and the
primary domain failed", in addition to this we don't know what the cached
account is and therefor have to totally rebuild these machines from the local
DC as we are unable to logon to the domain. Essentially these machines become
"BRICKS".

Does anyone know why in the first instance this is happening, and is there
anyway in which we could logon to the PC (BTW the admin password also gets
disabled during the build before being shipped over) in order to attempt to
take the machine out of the domain and then rejoin?

Any information would be greatly appreciated.

Regards.
--
Flinty

Hello Peter,

To get you correct the local administrator account is disabled and you have
no other local admin user, which can logon with cached credentials?

Are the machines with the broken trust created with an image that isn't syprepped?

So in the new location you have a DC belonging to the same domain as the
19 machines and the machines are listed in AD UC? Or is this a different
domain?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi,
>
> Please could someone help.
>
> We have an overseas rollout programme and recently while abroad had to
> rebuild 19 machines which were shipped and originally built back in
> the UK because of an error "trust relationship between this
> workstation and the primary domain failed", in addition to this we
> don't know what the cached account is and therefor have to totally
> rebuild these machines from the local DC as we are unable to logon to
> the domain. Essentially these machines become "BRICKS".
>
> Does anyone know why in the first instance this is happening, and is
> there anyway in which we could logon to the PC (BTW the admin password
> also gets disabled during the build before being shipped over) in
> order to attempt to take the machine out of the domain and then
> rejoin?
>
> Any information would be greatly appreciated.
>
> Regards.
>

If you are intentionally disabling the Admin account (Not the password as
you mentioned) I would suggest you create a new account elevate it to be an
admin and create a strong password on it. You should have some way to gain
access to the machine in the event of an error such as what you are
experiencing.

Not sure if there is a third party tool to enable an account, but there are
tools to change a forgotten password.

The loss of the domain connection is tough to provide you much (If any)
info, since you haven't given any details such as event logs. Did any
events recently occur? Are you sure you have full connectivity with your
enterprise? This kind of sounds like a dc was lost and an improper recovery
at a site, or something a long those lines.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"Peter F" <> wrote in message
news:A3D81E4B-6135-4070-AB68-...
> Hi,
>
> Please could someone help.
>
> We have an overseas rollout programme and recently while abroad had to
> rebuild 19 machines which were shipped and originally built back in the UK
> because of an error "trust relationship between this workstation and the
> primary domain failed", in addition to this we don't know what the cached
> account is and therefor have to totally rebuild these machines from the
> local
> DC as we are unable to logon to the domain. Essentially these machines
> become
> "BRICKS".
>
> Does anyone know why in the first instance this is happening, and is there
> anyway in which we could logon to the PC (BTW the admin password also gets
> disabled during the build before being shipped over) in order to attempt
> to
> take the machine out of the domain and then rejoin?
>
> Any information would be greatly appreciated.
>
> Regards.
> --
> Flinty