Q

How do I renew the trust between a client and a server?

I am running into a problem on my QA LAN that I'm sure must be a problem for small businesses everywhere. Every so often, the server has major issues and needs to be rebuilt (after all it is MS, and it a QA environment) but it is the only server on the LAN. This is a Win2k server that is the PDC/FSMO for a Native AD that is a standard alone domain in it's own forest ... basically it does everything for the LAN with no parents or children, including DNS and DHCP.

Now when I rebuild the machine all of the clients have the wrong SID stored in their security directory and don't authenticate properly to the new domain. The EVENT ID #5513 and 5613 get noted on the server declaring that the machines have attempted to connect but that the trust relationship needs to be renewed. In an old NT domain this was easy. In the management tools right click on the machine in question and renew the trust. In W2K+ this no longer seems to be an option. The only trusts that I seem to be able to find anywhere (including searching the Web) are between domains, and nothing about renewing the trust between server and client. I have found that the Repair Console can be used to complete knock out the old Security system, but now my user has to reconfigure everything because their next login creates a new profile folder. Further more if the client is a 2003 server then the Repair Console no longer works even when I try to re-attribute the security file. So how do I renew the trust between a client and server?
ALWAYS deploy a minimum of two domain controllers. My only solution for you is to start over and build it right. All DCs have the same SID so this should not be a problem in the future.
This was first published in March 2004

Dig deeper on Microsoft Active Directory

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close