
How do I renew the trust between a client and a server?

I am running into a problem on my QA LAN that I'm sure must be a problem for small businesses everywhere. Every so often, the server has major issues and needs to be rebuilt (after all, it is MS, and it is a QA environment), but it is the only server on the LAN. This is a Win2k server that is the PDC/FSMO for a native AD that is a standalone domain in its own forest ... basically it does everything for the LAN with no parents or children, including DNS and DHCP.

Now when I rebuild the machine, all of the clients have the wrong SID stored in their security directory and don't authenticate properly to the new domain. Event IDs #5513 and 5613 get noted on the server, declaring that the machines have attempted to connect but that the trust relationship needs to be renewed. In an old NT domain this was easy: in the management tools, right-click on the machine in question and renew the trust. In W2K+ this no longer seems to be an option. The only trusts that I seem to be able to find anywhere (including searching the Web) are between domains, and nothing about renewing the trust between server and client. I have found that the Repair Console can be used to completely knock out the old security system, but now my user has to reconfigure everything because their next login creates a new profile folder. Furthermore, if the client is a 2003 server, then the Repair Console no longer works even when I try to re-attribute the security file. So how do I renew the trust between a client and server?

ALWAYS deploy a minimum of two domain controllers. My only solution for you is to start over and build it right. All DCs have the same SID so this should not be a problem in the future.
