Active Directory

[Duane Doucette]

Is it possible (and wise) to remove an inter-domain trust
through AD Users & Computers or ADSI edit ? When Domains &
Trusts is used I get "A Device ttached To The System Is
Not Functioning"

 

[Richard]

Hi Duane,

What service pack are you currently running on your
DC's? Have you tried to reboot your servers and then try
to remove the trust relationship? I wouldn't suggest
resorting to ADSI edit until that is your last choice.

Richard

 

[Richard Moreno]

Hi Duane-

You can only add\remove trusts through the Domains & Trusts MMC. If you're
getting that error, I'm curious to know if it only happens on one DC? Have
you tried to perform this action from any other DC in your domain? I would
also be curious as to what event viewer is reporting when you attempt to do
this. Are all your DC's registered in DNS with their SRV records and A
records?

If in the event you exhausted all resources to remove the trust through the
tools available then yes ADSIEdit would be the way to go.

 

[Duane Doucette]

The AD is up to scratch on all domain controllers, and the
DNS is too. We had a domain controller go off line for an
extended period of time (to which the trusted domain had
the secure channel)... The link between the office where
the domain exists and anywhere else is NOT reliable
(yet). I noticed that you can force a removal with NETDOM
as well. BTW when I try to remove the trust from ANY of
the trusted domain controllers, I get the same error...

 

[Richard Moreno]

After the secure channel was reset, was the trust still broken? Yea netdom
would be another tool to try prior to using ADSIEdit. Use it as last resort.
lol