This post is also available in: Slovenian
Sometimes, trust error may occur between a workstation or a server and a domain. This means that the computer did not find a secure connection to the domain controller or it was rejected by the DC. This is usually found when we want to log in to a computer, via a remote desktop, or through a console, and the login with a domain user account is unsuccessful. However, we can log in with a local user account.
When the trust domain failed at the workstation, it is the fastest solution to remove the computer from the domain and then rejoin it back. When adding to a domain, trust between the domain controller and the workstation is restored.
If this happens with the server, it’s not that simple. At the server we do not want to get domain rejoined or delete the computer account in AD because we don’t want to change the SID.
The change of SID can cause the services that are on this server to fail or connections with databases. Also resetting the computer account password in Active Directory will not help. The same applies to powershell commands in my case.
Powershell
reset-computermachinepassword -credential-server
test-computersecurechannel -repair
Netdom command
The old good netdom command in cmd helped me (do not forget to run as an administrator): netdom resetpwd / s: dc / ud: domain \ admin / pd: “password”
Then you have to restart windows server and you can finally log back into the server as a domain user.
