Now when I rebuild the machine all of the clients have the wrong SID stored in their security directory and don't authenticate properly to the new domain. The EVENT ID #5513 and 5613 get noted on the server declaring that the machines have attempted to connect but that the trust relationship needs to be renewed. In an old NT domain this was easy. In the management tools right click on the machine in question and renew the trust. In W2K+ this no longer seems to be an option. The only trusts that I seem to be able to find anywhere (including searching the Web) are between domains, and nothing about renewing the trust between server and client. I have found that the Repair Console can be used to complete knock out the old Security system, but now my user has to reconfigure everything because their next login creates a new profile folder. Further more if the client is a 2003 server then the Repair Console no longer works even when I try to re-attribute the security file. So how do I renew the trust between a client and server?
This was first published in March 2004