How to find Computers with Trust relationship issues on your Domain

By | April 17, 2016
0 Comment

One of my readers facing the problem is that many of the PC’s are having Trust relationship issues but he doesn’t have a list of PC’s which are having this issue. The users are able to login to the domain account in these PC’s and Group policies also seem to work in many of these PC’s

Before list the workstation with Trust relationship issues on your Domain, read  How to troubleshoot workstation Trust relationship issues on Domain, on my previous article, checking a single computer is easy one, just use the net command and loop command can be used for list of computers

Also Read: AD Slow Authentication and prompting for credentials again and again

How to find computer account issue

You can check this with net command to check the trust relationship, run this from local Domain controller with Domain Admin permission

net use \\computername


net view \\computername

Computer must me connect to network to check this, you will get the Access is denied error or any other error

Also Read: Active Directory Replication failed with “Target principal name is incorrect”

Comman To check this for list of Computers or all Domain joined systems

Looping can be used to check the bulk computers, like below command

For /f "tokens=1-3 delims=;" %a in (list.txt) do net use \\"%a" >>c:\temp\result.txt

Review the result file to find the affected computers in the newtwork

Also Read: Active directory Troubleshooting (Part1 – Diagnostics Logging)

QuestionVote as helpfulPowershell Command to check Trust relationship issues on all the computers in a Domain
Import-Module ActiveDirectory

$computers = Get-ADComputer -Filter *
Foreach ($computer in $computers)
{
Enter-PSSession -ComputerName $computer -Credential #<Provide the username>#
Invoke-Command -ComputerName $computer -ScriptBlock { $a = Test-ComputerSecureChannel }
if ($a -eq 'True')
{
Add-Content "c:\ComputerDetailsWithCorrectTrustRelationship.txt" $computer + ";" + $a
}
else
{
Add-Content "c:\ComputerDetailsWithWrongTrustRelationship.txt" $computer + ";" + $a
}

}

Also Read: Active Directory real time issues and solutions

 

Related posts:

Default ThumbnailActive directory Troubleshooting (Part1 – Diagnostics Logging) Default ThumbnailHow secure channel determine the Domain controller in cross-forest Default ThumbnailCommand to find Duplicate SPN Default ThumbnailDNS Entry of Domain Controller are Resolving to Incorrect value Default ThumbnailHow to troubleshoot workstation Trust relationship issues on Domain

Leave a Reply

Your email address will not be published. Required fields are marked *