Announcement

Collapse
No announcement yet.

Recurring Trust Relationship Issue - Help? :)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Recurring Trust Relationship Issue - Help? :)

    Hi everyone,

    I am hoping some one can give me some insight on a weird issue I am having with "No Trust Relationship" on a remote installation.

    My setup is Small Business Server 2011 Essentials and 5 workstations running CAM Commerce Point of Sale Software.

    3 are small form factor pc's running Windows 7 64bit and 1 laptop running Windows 7 64bit.
    The 4th workstation is completely configured station as a spare in case of problem.

    The network is in the Yukon at a remote location running on generator power. I have each station setup with a APC brand UPS to supply clean power to the stations.

    The Server, laptop and 1 station are in 1 building and the other 2 stations are in a separate building connected via a wireless point to point shot (500ft at most) using Engenius ENH200 Outdoor Client Bridges.

    Everything is going along smooth then they will shut down the stations at night as they shut down the main generator and then the next day a station will not be able to log in because:
    "The trust relationship between this workstation and primary domain failed."

    So first couple times this has happened I just removed the station from the domain and re-add it to the domain and back in business, then a few days will go by and it happens again.

    So praying to the google god I found a few articles that say this happens when a workstation was set up with a system image instead of performing a fresh windows 7 installation and to resolve it you have 2 options rename the workstation before you re-add it to the domain or format the station and start from scratch - installing the OS from CD and not a system image.

    I have currently performed the rename on 2 stations changing the name from W2 to W2TRUST and W3 to W3TRUST respectively and re-added them to the domain.

    I have several other Server 2011 and workstation setups out at other clients and have never seen this trust issue before. I have not been able to find a lot of information about it and I am unsure how to proceed to resolve it.

    My client is patient but he is getting upset unfortunately and wanting to replace all the equipment but my concern is that if I do not determine the cause of this issue any new equipment may just have the same issue.

    My own thoughts are to change the server from 2011 Essentials to Server 2008 standard which I have at lots of clients as well with no issues.

    I need to do something to move the ball ahead here, and am hoping I can get some ideas?

    Thanks for reading my sad tale and I appreciate any advice given.

    Stacy

  • #2
    Re: Recurring Trust Relationship Issue - Help?

    IMHO start by checking the "other" cause of trust failure - clock skew (>5 mins) between the clients and the server
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Recurring Trust Relationship Issue - Help?

      Hi, i've seen this issue before, not to the extent you're getting tho. This site has been useful to me.
      http://implbits.com/About/Blog/tabid...d/Default.aspx
      Do the servers event logs give any useful info?

      I noticed you have also mentioned a duplicate SID issue too.
      You could try this procedure on the worst effected computer.
      Remove the computer from the domain, delete any remaining computer accounts associated to it from the Domain controller.
      run sysprep.exe (on a client) with OOBE option and generalize, it's located in C:\windows\System32\Sysprep
      Rejoin back into the domain and the issue shouldn't reoccur. Sysprep will generate a new SID and shouldn't effect any of the users files. But back them up just in case.

      There is also this powershell command, i've not tested it yet 'in the field' so can't verify how effective it is.

      Test-ComputerSecureChannel -Repair -Credential (Get-Credential) -Verbose

      http://technet.microsoft.com/en-us/l.../hh849757.aspx

      Good luck and please let me know how this pans out.
      Last edited by uk_network; 4th June 2014, 21:01.
      Please remember to award reputation points if you have received good advice.
      I do tend to think 'outside the box' so others may not always share the same views.

      MCITP -W7,
      MCSA+Messaging, CCENT, ICND2 slowly getting around to.

      Comment


      • #4
        Re: Recurring Trust Relationship Issue - Help?

        Thanks both of you for your helpful suggestions, I have just connected back there and believe that the time issue could be the cause. I had set all the clocks the same when we set up the system and never did check them when this started happening.

        However after getting a reminder to look at the common cause (thanks ossain) I see 2 clocks are out one hour. Turns out a staff member lives in Skagway and prefers the Skagway time so keeps changing the time on the workstation she is using.

        So I have set all the time back to match the server and set them all to sync with the atomic clock every 30 mins - hopefully this is the end of this particular issue.

        Seems I have been affected with the look for a complicated problem and not looking at all the simple explanations.

        Hear hoof beats it is likely a horse not a zebra ..doh.

        Again thanks so much, i will post back if this does not resolve it and go through your suggestions UK

        Stacy

        Comment


        • #5
          Re: Recurring Trust Relationship Issue - Help?

          This is also worth a review.
          http://www.sevenforums.com/tutorials...-changing.html
          Please remember to award reputation points if you have received good advice.
          I do tend to think 'outside the box' so others may not always share the same views.

          MCITP -W7,
          MCSA+Messaging, CCENT, ICND2 slowly getting around to.

          Comment


          • #6
            Re: Recurring Trust Relationship Issue - Help?

            Thats an excellent idea will do that

            Comment


            • #7
              Re: Recurring Trust Relationship Issue - Help?

              As a rule, set your SBS to sync time from an external source, then clients to sync from the SBS - makes sure that whatever time the server thinks it is, the clients match
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd
              Scotland

              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment

              Working...
              X