Hey folks! I'm a junior sys admin trying to sort out a frustrating issue with Azure VMs. Whenever our architects redeploy a VM that's already joined to the domain, it gets kicked off the domain, even though it still shows up in Active Directory. The worst part is that it has a trust relationship problem and I have to manually rejoin it every time. Is there a way to prevent the VM from dropping the domain after a redeployment? Or could I set up some automation to make this process smoother so that they don't have to wait for me to rejoin the VM? Any advice or insight would be greatly appreciated!
2 Answers
You could use a PowerShell command to repair the trust relationship without needing to rejoin the domain. However, you'll need domain admin privileges to do this. If the AD object is still there and the GUID hasn't changed, you can run a command that looks something like `Test-ComputerSecureChannel -Repair -Credential `. Remember, you only need the `-Credential` part if the user running it doesn't have enough permissions.
When a VM is redeployed, it may lose its domain trust due to password mismatches. The machines typically update their passwords every 30 days. If the VM gets redeployed and it holds an old password that Active Directory doesn't recognize, that's why you're seeing this issue.
Thanks for the tip! I'll definitely check that out.