Skip Ribbon Commands
Skip to main content

Campus Active Directory Services at UVM

:

How-To: FixTrust

Documentation, information, discussions, and announcements concerning UVM's Active Directory based File Sharing, Printer Sharing and other Windows Server platform based services.

Fixing a workstation's trust relationship

In Active Directory, computers have accounts, too, and they manage their passwords automatically. Occasionally, something can happen to disrupt the changing of the computer account password. Most often, this affects computers that have been reverted to an older restore point, but sometime it happens for other reasons.

The quick solution is to unjoin and then rejoin the domain. This procedure has two requirements:

  1. A non-domain account with Administrator rights to the local system
    If you only have Administrator access to the system with a domain account, then you need to create a new local account with Administrator rights before unjoining the workstation.
  2. Permissions to modify the computer object in Active Directory
    If you joined this workstation to the domain with your domain account, that account should have the ability to rejoin the workstation. If you don't know, your can send the workstation name to the Active Directory team.

Local Administrator account

To create an new local administrator account, or to reset the password on an existing one, you can use the Windows Manager Users Control Panel. If the computer is protected with PGP/Symantec Whole Disk Encryption, make sure you haveĀ a passphrase that you can use to log into the system.

Unjoin the workstation

Log on as a user with Administrator rights. Using the System Properties Control Panel, click the Change button, which will open the Computer Name/Domain Changes window. In the Member of area, click the radio button next to Workgroup and enter a temporary workgroup name like "UVM". Click OK a couple times and reboot the computer when prompted.

Join the workstation

Log on as a user with Administrator rights. Using the System Properties Control Panel, click the Change button, which will open the Computer Name/Domain Changes window. In the Member of area, click the radio button next to Domain and enter "campus.ad.uvm.edu". You will be prompted to enter a username and password; enter your NetID and password, or that of another account (technicians) with appropriate rights. Click OK a couple times and reboot the computer when prompted.