Following are a few points to know for the said issue. Psexec -u computer\administrator -p password \\computer c:\myScript. How to Fix the Trust Relationship Between This Workstation and the Primary Domain Failed in Windows 10 One of the most common issues faced by system administrators is the trust relationship between this workstation and the primary domain failed issue. server does not have a computer account for this work trust relationship. After you know the exact command syntax, save the values to a script file and launch it with psexec like so, 8K views 10 months ago ICT Windows Server System Administration Training Do. Netdom join and netdom remove support credential passing, so supply valid domain account credentials. Remove the computer from the domain and add it to the domain. Psexec -u computer\administrator -p password \\computer cmdĪfter you got the shell, try and experiment with netdom commands. This might rise some security issues, though. A GPO that sets "Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Domain member: Maximum machine account password age" to 0 would set the computer account password never to expire. Netdom.exe or a Powershell script can be used to re-join the computer to the domain.Īnother an option would be changing the policy for computer accounts. Passing its credentials to PSExec should provide a remote shell even with broken trust relationship. Make sure you know a local administrator account. Would a combination of PSExec and netdom work? I don't have a VM with broken trust relationship, so I can't test the idea.Īnyway, PSExec has parameters -u and -p for username and password. Is there any other way I can remotely get a virtual machine that has lost its domain trust relationship to rejoin the domain? I don't think you can use the local administrator account with PowerShell remoting. ![]() However, this results in an error on the last line: Access is Denied. The best way to fix the trust relationship between the workstation and the primary domain failed issue is to use Reset-ComputerMachinePassword cmdlet in. $sesh = new-pssession -computername "theMachine" -credential $credĪt this point, I was hoping to use PowerShell to reset the password or something like that to reset the domain trust relationship. AFAIK (and as the answers in the marked possible dupe seem to also concur) the only way to rebuild that trust it to dis-join the computer from the domain, delete it's AD account, and then re-join. $cred= New-Object ("Administrator", $password) So far, I've attempted to put together a script that simply remotes into the box as the local administrator: $password = ConvertTo-SecureString "password" -AsPlainText -Force I haven't found anything that can do this otherwise. How can I remotely reset the trust relationship of these virtual machines? Perhaps there are possibilities for rejoining the domain that don't involve remoting?Īny alternate solutions to manually rejoining the domain require logging in to the computer and doing this locally. This breaks the script as I can no longer use PowerShell remoting to get into the machines and configure them. ![]() Occasionally, the virtual machines lose their "trust relationship" with the domain. I have a number of virtual machines which have snapshots applied by using a PowerShell script.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |