The trust relationship beween tis workstation and te primary domain failed








4. Running nltest

nltest /sc_query: <domain_name>

-- Access is denied.

If you encounter the above behavior or error messages, suggest first reset secure channel. On the computer that are experiencing this issue, disable the Kerberos Key Distribution Center service (KDC) and then restart the computer. After the computer restarts, use the Netdom utility to reset the secure channels between the computer and the PDC Emulator operations master role holder. To do so, run the following command from the computer other than the PDC Emulator operations master role holder:

netdom resetpwd /server:server_name /userd:domain_name\administrator /passwordd:administrator_password

Where server_name is the name of the server that is the PDC Emulator operations master role holder.

Note: This method only works for DC. If it’s member server, we have to disjoin and rejoin domain.

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

260575 How to Use Netdom.exe to Reset Machine Account Passwords




1 comment:

Anonymous said...

ha, I am going to test my thought, your post give me some good ideas, it's really awesome, thanks.

- Thomas