Wednesday, July 6, 2022

After a successful restore of a Windows client, Windows gives a message of "The trust relationship between this workstation and primary domain failed"

 

Problem

After a successful full restore of a Windows client, Windows gives a message of "The trust relationship between this workstation and primary domain failed" when trying to log on.

Error Message

No error message seen on restore - restore is successful

When trying to log on to the restored Windows machine, Windows gives a message of "The trust relationship between this workstation and primary domain failed".

Cause

In a Windows Active Directory (AD) environment, machines (as well as users) have domain passwords. While users change their own passwords manually, machines change their own passwords regularly in the background - by default every 30 days - and this happens transparently.

When a restore is done, it will restore the machine to the state it was in at that point - which includes the machine password as it was at that time.

However, if this machine's password had been subsequently changed (as part of the normal AD process), then the machine password stored on the restored image may no longer be valid. The Windows machine would then no longer be able to log on to the domain, and the message "The trust relationship between this workstation and primary domain failed" would be seen.

Solution

As the restore was successful, no action is possible on the NetBackup side - the machine has been restored to the exact same state it was in at the time of the backup.

Instead, the machine's domain password on the restored machine would need to be updated so it matches the current one in Active Directory.

This is an OS/AD function, and the machine password can be updated using OS commands such as netdom or Reset-ComputerMachinePassword.
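One way to check and repair the machine password on the restored client, as an added example that is not part of the original article. It assumes Windows PowerShell 5.1, an elevated session under a local administrator account on the restored machine, and a reachable domain controller; `dc01.example.test` is a placeholder name.

```powershell
#Requires -RunAsAdministrator
# Added example: verify, and if needed reset, the machine account password
# on a client restored from backup. Run locally on the restored machine.
param(
    # Placeholder (assumption): replace with a domain controller this client can reach.
    [string]$DomainController = 'dc01.example.test'
)

# Checks the secure channel; a terminating error counts as "not healthy".
function Test-Channel {
    param([string]$Server)
    try {
        return [bool](Test-ComputerSecureChannel -Server $Server -ErrorAction Stop)
    } catch {
        Write-Warning "Secure channel test failed: $($_.Exception.Message)"
        return $false
    }
}

$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) {
    Write-Warning "$($cs.Name) is not joined to a domain; nothing to repair."
    return
}

# True means the locally stored machine password still matches the one in AD,
# so the restore did not roll the password back past a rotation.
if (Test-Channel -Server $DomainController) {
    Write-Output "Secure channel to $($cs.Domain) is healthy; no reset needed."
    return
}

# Prompt for the domain credential instead of placing a password on the command line.
$cred = Get-Credential -Message 'Domain account allowed to reset this computer account'
Reset-ComputerMachinePassword -Server $DomainController -Credential $cred -ErrorAction Stop

# Re-test so the outcome is confirmed before anyone attempts a domain logon.
if (Test-Channel -Server $DomainController) {
    Write-Output "Machine password reset; secure channel to $($cs.Domain) restored."
} else {
    Write-Error 'Secure channel is still broken after the reset; check DC reachability and the computer account in AD.'
}

# netdom equivalent (prompts for the password because of /pd:*):
#   netdom resetpwd /s:<domain controller> /ud:<domain\user> /pd:*
```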

Microsoft reference articles:
