A more elegant solution than ‘unjoin rejoin domain’: reset computer machine password

It’s commonplace that one is tempted to unjoin and rejoin a computer from an AD domain in the belief this will resolve an issue.  Or there are error messages related to domain membership and it’s believed unjoin+rejoin is the only solution.  Here is an example of one of those errors “trust relationship cannot be established”.

Fortunately there is a much more elegant solution to specifically address the domain relationship problem without having to unjoin, reboot, rejoin, reboot.  Also unjoin+rejoin is a fairly invasive process for the computer and while it typically works without issues, it could lead to issues with profiles, permissions and so forth.

instead of unjoining and rejoining the domain, use the following powershell command which will also not require a reboot:

Reset-ComputerMachinePassword

This will restore the trust relationship between the computer and the domain in a much more precise and faster manner than unjoin and rejoining the domain.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.