Archive by category "Active Directory"

The trust relationship between this workstation and the primary domain failed

There are multiple reasons for getting this event. It mostly happen when you restore a domain joined server or workstation.
Event details:

EventID: 5719
Source: NETLOGON

This computer was not able to set up a secure session with a domain controller in domain β€œβ€ due to the following:
There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.

ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

There are multiple ways to fix this.
Just log in with your LOCAL (not domain) credentials.

1.The PowerShell way (yeah):

2. With netdom.exe using your Windows Command Prompt:

3. With the GUI:
Change your domain membership to WORKGROUP, reboot. And join again, reboot.

Check DNS Entries with PowerShell

In a dynamic environment it’s hard to keep your DNS up-to-date. Updating the DNS server is a task which is mostly forgotten during server maintenance.
Created just a simple one-liner for checking the registered suffix and do a ping test.

Yeah I know this one is not dummy proof, but hey! t helped me checking 10.000 records in 2 minutes, so maybe i can help someone with sharing this. πŸ™‚

 

Dynamic Group population and Role based Access PowerShell

For a customer i created a script which create new groups for all kind of unique jobtitles available in Active Directory. After the creation of all groups it loops through all users and add these to the created groups in the function above. This scripts help you to maintain for example role base access.

This scripts contains 3 functions:
1. Creating groups for all the unique jobtitle’s available.
2. Adding users with the same Jobtitle
3. Remove users after jobtitle change