Fixing Domain Trust Relationships!

Fixing Domain Trust Relationships!

No, this won't fix human trust relationships! but it will help you with Domain Trust Issues. This seems to happen more and more, the common fix wa

Check Active Directory for Stale Computers
IIS with ASP.NET support check
Open Port Scanning

No, this won’t fix human trust relationships! but it will help you with Domain Trust Issues. This seems to happen more and more, the common fix was to dis-join from the domain, then re-join the domain.

Powershell has a command called Test-ComputerSecureChannel that doesn’t seem to get the recognition that it richly deserves! It has been around since Server 2008 R2 and will check the relationship with the Domain Controller if it returns a $true then the relationship is good, if it returns a $false then obviously the relationship is broken and needs repairing.

First method using Test-ComputerSecureChannel:

# This can be run on the local computer to repair the domain trust

Test-ComputerSecureChannel -Repair

I of course always like any commands that I can perform remotely, not that I am lazy but its just simply more efficient and that is the story I am sticking to! You can do this remotely on a system by using this snippet of code.:

Invoke-Command -Computername "Computer Name" -erroraction 'Stop' -ScriptBlock {
if (!(Test-ComputerSecureChannel))
{# If $true is not returned then lets repair the domain trust
Test-ComputerSecureChannel -Repair
}}

In this example I have taken the above code and used it in a GUI created in PowerShell Studio to make it easier for my colleagues to use.

Domain Trust Fix GUI

Second method using NLTEST:

Run “nltest /sc_verify:mydomain.com”

If all is good the output will be similar to:

Flags: b0 HAS_IP HAS_TIMESERV
Trusted DC Name \\mycomputer.mydomain.com
Trusted DC Connection Status Status = 0 0x0 NERR_Success
Trust Verification Status = 0 0x0 NERR_Success
The command completed successfully

If the connection is not successful NLTEST will automatically perform a repair.

COMMENTS

WORDPRESS: 0