Lost trust relationship

[Guest]

A workstation lost its trust relationship with a SBS 2003 domain. When I log
on locally as the administrator. I try to add a new user to the domain, but
it tells me the workstation has no trust relationship with the domain.

What can I do to remedy this?

 

[Steven L Umbach]

If you run the support tool netdiag on it you will probably find some
related problems. One way to fix the problem you describe is to unjoin the
computer from the domain and then rejoin it again. Tools such as netdom can
also be used if you are familiar with their syntax. Make sure that your
domain computers are using only the domain controller as their preferred dns
server and NEVER an ISP dns server listed. You should be able to ping the
domain controller by IP address and name from your domain clients and the
command nslookup should show only domain controllers as dns server and be
able to resolve fully qualified names of domain computer and the domain
itself as in mydomain.com which should show correct IP addresses of domain
controllers. --- Steve

http://support.microsoft.com/?kbid=216393 -- using netdom and nltest

 

[Guest]

Its interesting you mentioned "Never use an ISP dns server."

When we first got our sever last November, it was set up as a DNS server
(naturally) and seemed to work. We were also letting the machines use DHCP
to get IP and DNS addresses.However, after we attached a Pix firewall, our
internet connectivity seemed to go down hill fast. We could get onto web
sites spontaneously (and rarely) we couldn't get our updates. as a work
around, I put our server's ip address in the DNS settings as well as our
ISP's DNS settings and that gives us full connectivity.

I would like to remedy this, but I don't know how and the guys who installed
it would fix this for a fee. As far as the original problem, I found an old
hard disk and installed a new system and client on it. It doesn't need to do
anything but run a specific network app so I don't have to reconfigure it for
any one person's use. Since I removed the user from the server what happened
to the old client's e-mail?

 

[Steven L Umbach]

Below is a great link to a KB article on dns for an Active Directory domain,
how it is used, and how to configure it. From what you describe you want to
disable DHCP on your firewall device and use only your domain controller for
DHCP. The DHCP for the domain controller needs to be configured with a scope
that includes the default gateway [your firewall device probably], the
domain name, wins server if used, and dns servers which would be our domain
controller. Your domain controller needs to point only to itself as its
preferred dns server and wins server [if used]. Then you configure dns on
your domain controller to forward to your ISP dns servers for internet name
resolution. This way your domain controller can resolve your domain names
and internet names for all your domain computers.

http://support.microsoft.com/default.aspx?scid=kb;en-us;291382

As far as a users email. Email for Outlook Express,etc is stored in the
users profile under documents and settings where there will be a folder
structure with the users name. Even if you remove a user from the operating
system his user profile remains unless you manually delete it. Emails are
stored in a strange place but look under user name folder/local
settings/identities/guid number/Microsoft/outlook express. The link below is
to a website that explains more on Outlook Express [if that is what as used]
and how to manage mail/news files. --- Steve

http://insideoe.tomsterdam.com/

 

[Guest]

Sorry. I forgot tot mention, we use Outlook 2003 with an Exchange server.
Thats why I thought deleting a user might matter.

 

[Steven L Umbach]

Hi Carl.

I am not that familiar with using Outlook 2003 and Exchange though I would
think that the emails are still available somewhere. If someone else here
does not help then you may want to post in an Outlook and/or Exchange
newsgroup. --- Steve

 

[Guest]

Thanks. I'll try that.

Hi Carl.

I am not that familiar with using Outlook 2003 and Exchange though I would
think that the emails are still available somewhere. If someone else here
does not help then you may want to post in an Outlook and/or Exchange
newsgroup. --- Steve