Fix trust relationship at sites with smart card restrictions
So I know there are lots of articles out there which tell you how to fix the trust relationship between a machine and AD. However, in sites where smart cart authentication is enforced for admin accounts, it is very difficult to do that easily. I tried many methods and this is the one which works quickest for me:
This assumes that you have two accounts. one admin and one non admin.
- Delete AD computer account of that machine
- Add AD account for the machine, let your non admin account be able add machine to domain
- Go to the machine and on an “administrative command prompt” type this command:
- You will be prompted for a password. Type the non admin account’s password
- Reboot (not strictly needed)
netdom resetpwd /s:domain-controller-name /ud:non-admin account /pd:*
This is just one way of many other ways to do this.