Detecting Workstation Trust Relationship failures

Does anybody have an analysis that checks to see if the Workstation Trust Relationship with the domain is still valid?


You could always just see if you have a response to:

 distinguished name of local computer of active directory

If you do then you’re a member of the AD domain

Are you trying to test if a trust between domains is still valid, the workstation is a member of a domain, or if the workstation account has become out of sync? The first one would have to be done at the domain controller.

We are trying to see if the workstation account has become out of sync, “The trust relationship between this workstation and the domain has failed” message.

I don’t think you’ll be able to do that with a native inspector. What I’ve done in such cases is to set up a repeating Task to run daily and execute a command (in your case it might be some version of ‘netdom verify’), record the output in a text file, and then have a separate Analysis report the content of the file.

Periodically run NLTEST.exe in a script and output the results to a file. Point an analysis at the file.

NLTEST has an extensive array of switches and options for verifying domain trust and health.



The command line switch I ended up using was nltest /SC_Verify:fqdn.of.domain

That’s exactly what I was looking for!

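
The scheduled-task approach suggested in the replies above, as an added example rather than code from any poster: a PowerShell script that runs nltest /SC_VERIFY against the computer's own domain and writes a one-line result for an analysis to read. The output path and the result labels (TRUST_OK, TRUST_FAILED, VERIFY_ERROR, NOT_DOMAIN_JOINED) are assumptions, and the parsing assumes nltest's English output.

```powershell
# Added example. Run elevated (e.g. as SYSTEM from a daily scheduled task).
# $OutFile is a hypothetical path; point the analysis at this file.
$OutFile = 'C:\ProgramData\TrustCheck\sc_verify.txt'

$cs     = Get-CimInstance -ClassName Win32_ComputerSystem
$stamp  = (Get-Date).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
$result = 'NOT_DOMAIN_JOINED'
$detail = ''

if ($cs.PartOfDomain) {
    # Merge stderr into stdout and force plain strings so errors are captured too.
    $raw  = @(& nltest.exe "/SC_VERIFY:$($cs.Domain)" 2>&1 | ForEach-Object { "$_" })
    $exit = $LASTEXITCODE

    # Assumed (English) line: "Trust Verification Status = 0 0x0 NERR_Success"
    $code = $null
    foreach ($line in $raw) {
        if ($line -match 'Trust Verification Status\s*=\s*(\d+)\s+0x[0-9a-fA-F]+\s+(\S+)') {
            $code   = [int]$Matches[1]
            $detail = $Matches[2]
            break
        }
    }

    if ($null -eq $code) {
        # No verification line at all: the query itself failed (not elevated, no DC reachable, ...).
        $result = 'VERIFY_ERROR'
        $detail = "exit=$exit " + (($raw | Where-Object { $_.Trim() }) -join ' | ')
    } elseif ($code -eq 0) {
        $result = 'TRUST_OK'
    } else {
        $result = 'TRUST_FAILED'
        $detail = "$code $detail"
    }
}

# One tab-separated line, overwritten on each run, so the analysis reads a single value.
$dir = Split-Path -Parent $OutFile
New-Item -ItemType Directory -Path $dir -Force | Out-Null
"$stamp`t$result`t$detail" | Set-Content -Path $OutFile -Encoding ASCII
```

Reporting the timestamp alongside the result lets the analysis also flag machines whose check has stopped running.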