IT Systems Engineering

Fix trust relationship at sites with smart card restrictions

So I know there are lots of articles out there which tell you how to fix the trust relationship between a machine and AD. However, in sites where smart card authentication is enforced for admin accounts, it is very difficult to do that easily. I tried many methods and this is the one which works quickest for me:

This assumes that you have two accounts: one admin and one non-admin.

  1. Delete AD computer account of that machine
  2. Add an AD account for the machine, and let your non-admin account be able to add the machine to the domain
  3. Go to the machine and on an “administrative command prompt” type this command:
  4. netdom resetpwd /s:domain-controller-name /ud:non-admin-account /pd:*
  5. You will be prompted for a password. Type the non admin account’s password
  6. Reboot (not strictly needed)
  7. Done!

This is just one of many ways to do this.
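
Steps 3 to 5 wrapped with a before/after check of the machine's secure channel, as an added example that is not part of the original post. It assumes Windows PowerShell 5.1 (for `Test-ComputerSecureChannel`) and that `netdom.exe` is installed on the machine; the parameter names and the `Test-Channel` helper are hypothetical.

```powershell
# Added example: run from an elevated Windows PowerShell 5.1 prompt on the affected machine.
param(
    [Parameter(Mandatory)] [string] $DomainController,  # placeholder, e.g. dc01.example.test
    [Parameter(Mandatory)] [string] $NonAdminAccount    # placeholder, e.g. EXAMPLE\joinuser
)

$ErrorActionPreference = 'Stop'

# netdom resetpwd rewrites the local machine account secret, so elevation is required.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an administrative prompt.'
}

if (-not (Get-Command netdom.exe -ErrorAction SilentlyContinue)) {
    throw 'netdom.exe not found; install the AD DS / RSAT tools first.'
}

# Hypothetical helper: a broken channel can surface as $false or as an error,
# so both are treated as "not healthy".
function Test-Channel {
    try   { return [bool](Test-ComputerSecureChannel -Server $DomainController) }
    catch { return $false }
}

# Before: do not reset a machine password that is still valid.
if (Test-Channel) {
    Write-Output "Secure channel to $DomainController is already healthy; nothing to do."
    return
}

# Step 4 from the post. /pd:* makes netdom prompt for the password, so it never
# appears on the command line or in the console history.
& netdom.exe resetpwd "/s:$DomainController" "/ud:$NonAdminAccount" '/pd:*'
if ($LASTEXITCODE -ne 0) {
    throw "netdom resetpwd failed with exit code $LASTEXITCODE."
}

# After: confirm the trust is repaired before deciding whether to reboot.
if (Test-Channel) {
    Write-Output 'Secure channel verified. Reboot if domain logons still fail.'
} else {
    throw 'Secure channel still broken after reset; check the computer account in AD.'
}
```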
