How to restore trust relationships between domain controllers?

A

Alexander Rogolev2014-10-11 10:36:47

System administration

Alexander Rogolev, 2014-10-11 10:36:47

Hello. There are 2 domain controllers in one forest, in one domain. More precisely, it was.
The wood and the domain 2003, controllers too WS2003.
One (secondary controller) died. There is a complete snapshot of it a month ago (I wanted to make it a virtual server, since it was already outliving its own). The picture was restored. The server has risen, but the trust relationship with the PDC has been lost. Replication naturally too does not work.
Reinstalling the account of this server on the PDC fails, because. this server is a domain controller. It is not possible to remove the AD role on this, now virtual server, because it cannot contact the PDC due to lost relationships.
How to make friends?
PS: Pings are coming, nslookup is working. The time is set correctly.
With PDC (atlanta):
> netdom verify phoenix
Permission denied.
From problem server (phoenix):
> netdom verify atlanta
Access denied.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Alexander Rogolev, 2014-10-13
@asr1986

All problem solved. It is necessary to disable the "Kerberos Key Distribution Center" service on the problem server and execute "netdom resetpwd /s:PDC /ud:domain\Administrator /up *", then reboot.

K

Konstantin, 2014-10-11
@fallen8rwtf

Approximately the same situation was.
Look here, it might help. This man helped me
winitpro.ru/index.php/2011/04/08/udalyaem-neisprav...