Azure AD Domain Services Resource Forest Trust Error

Slickrc23 81 Reputation points
2020-08-18T19:18:07.693+00:00

I'm trying to establish a trust between my on-premise domain and Azure AD Domain Services managed domain.

The on premise side has added forwarders for both machine IPs and added the trust to the DC.

On the AADDS side after adding the trust information I am getting the following alert:

There is a problem with the trust for domain <mydomain>. Error: The security database on the server does not have a computer account for this workstation trust relationship.

Any advice or solution?

Thank you


3 answers

  1. Daisy Zhou 21,436 Reputation points Microsoft Vendor
    2020-08-19T01:36:19.507+00:00

    Hello @Slickrc23,

    Thank you for posting here.

    We can check prerequisites based on the information in the following link and establish trust as below:

    1. Prerequisites
    2. Sign in to the Azure portal
    3. Configure DNS in an on-premises AD DS environment to support Azure AD DS connectivity
    4. Create a one-way inbound forest trust in an on-premises AD DS environment
    5. Create a one-way outbound forest trust in Azure AD DS
    6. Test and validate the trust relationship for authentication and resource access

    For more information, we can refer to the following link.
    Tutorial: Create an outbound forest trust to an on-premises domain in Azure Active Directory Domain Services
    https://learn.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-create-forest-trust

    Other information for your reference.
    Tutorial: Create and configure an Azure Active Directory Domain Services managed domain with advanced configuration options
    https://learn.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-create-instance-advanced

    Hope the information above is helpful.

    Best Regards,
    Daisy Zhou

    1 person found this answer helpful.
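
A read-only check of steps 3 and 4 from the list above, run on an on-premises domain controller. This is an added example, not part of the original answer or of the linked tutorial. The domain name and IP addresses are placeholders, and it assumes the ActiveDirectory and DnsServer RSAT modules are available and that the DC hosts the DNS Server role.

```powershell
# Added example: verify on-premises DNS and trust settings for the managed domain.
# Placeholder values: replace with your managed domain name and its two IP addresses.
$ManagedDomain = 'aaddscontoso.example'        # placeholder
$ManagedDcIps  = @('10.0.0.4', '10.0.0.5')     # placeholder

Import-Module ActiveDirectory, DnsServer
$results = [ordered]@{}

# Step 3: a conditional forwarder for the managed domain should exist on this
# DNS server and list both managed domain IP addresses.
$zone = Get-DnsServerZone -Name $ManagedDomain -ErrorAction SilentlyContinue
if ($zone -and $zone.ZoneType -eq 'Forwarder') {
    $configured = $zone.MasterServers | ForEach-Object { $_.IPAddressToString }
    $missing    = $ManagedDcIps | Where-Object { $_ -notin $configured }
    $results['ConditionalForwarder'] =
        if ($missing) { "Missing IPs: $($missing -join ', ')" } else { 'OK' }
} else {
    $results['ConditionalForwarder'] = 'Not found on this DNS server'
}

# Step 3 (continued): the managed domain's LDAP SRV records must resolve from here.
try {
    $srv = Resolve-DnsName -Name "_ldap._tcp.$ManagedDomain" -Type SRV -ErrorAction Stop
    $count = @($srv | Where-Object Type -eq 'SRV').Count
    $results['SrvLookup'] = "OK ($count SRV records)"
} catch {
    $results['SrvLookup'] = "Failed: $($_.Exception.Message)"
}

# Step 4: the on-premises side should hold a one-way inbound forest trust
# whose name matches the managed domain.
$trust = Get-ADTrust -Filter "Name -eq '$ManagedDomain'"
if (-not $trust) {
    $results['Trust'] = 'No trust object with this name'
} elseif ($trust.Direction -ne 'Inbound' -or -not $trust.ForestTransitive) {
    $results['Trust'] = "Unexpected: Direction=$($trust.Direction), " +
                        "ForestTransitive=$($trust.ForestTransitive)"
} else {
    $results['Trust'] = 'OK (inbound, forest transitive)'
}

[pscustomobject]$results | Format-List
```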

  2. Thameur-BOURBITA 32,641 Reputation points
    2020-08-18T23:00:25.07+00:00

    Hi

    For this kind of error, rejoining the machine to the domain can fix this issue.

    You can also try to reset the secure channel password:
    https://devblogs.microsoft.com/scripting/use-powershell-to-reset-the-secure-channel-on-a-desktop/

    *Please don't forget to mark this reply as answer if it helps you to fix your issue*


  3. Slickrc23 81 Reputation points
    2020-08-19T13:14:19.42+00:00

    Thank you for the response. I have followed all guidance by the documentation and get the error in Azure AD Domain Services alert/overview:

    There is a problem with the trust for domain <mydomain>. Error: The security database on the server does not have a computer account for this workstation trust relationship.