We are currently evaluating 2008 Server Standard. It appears that we have run into a snag. We have multiple domains and often have user that login with credentials from a domain that is trusted. We have successfully added the users from different domains to the administrators group on the computer. However, attempting to login with a trusted domain account that is not the same domain as the machine fails. You get an error, "The security database on the server does not have a computer account for this workstation trust relationship." Searching for this error brings back all kinds of info none of it apparently relevant to Server 2008. It attempting to find what was causing the issue we created a new OU and told it to block Group Policy so we could use the local Policies. This same error messages is returned from the console and also through TS. Has anyone run into this issue? Any recommendations to a possible fix?g

Hi, I'd like to collect more information about the environment. 1. I think you try to logon to the computer in Windows Server 2008 domain using the user account in another trusted domain. Is that right? 2. Could you tell me that what kind of trust is established between the two domains? 3. Does the problem occur on every computer with every user account (which is from the trusted domain)? For example, please try to logon the Windows Server 2008 DC with another domain's account to see how it work. 4. Have you changed any security policies on the Windows Server 2008 domain? 5. What is the domain function level? Here is some suggestions you may refer to: 1. Computer accounts may be corrupted. Resetting computer accounts in Windows http://support.microsoft.com/kb/216393 2. The trust relationship between domains is broken. Use dcdiag tool to verify the current trusts between domains. Thanks!

I as well have the same problem.We have two domains and they are also two seperate forests, ADMIN and STUDENT and all our machines on campus are members of the ADMIN domain. There is a non-transitive, two-way, External trust setup between the two domains.Right now on non Vista-SP1 machines, a user in the STUDENTS domain can authenticate fine to ADMIN computers. When we take a Vista SP1 (32-bit, fresh install or upgraded) machine that is a member of the ADMIN domain, users in the STUDENTS domain can no longer authenticate to it, getting the same error as noted above, "The security database on the server does not have a computer account for this workstation trust relationship."Both Domain and Forest functional levels are Windows Server 2003. We're able to replicate this on multiple Vista SP1 machines. The trust on both sides has been validated as well. If you were able to resolve this or have any other thoughts, please let us know. - Joe Kalinowski, jkalinowski@clarku.edu

Did you ever find a solution to this problem? I'm facing the same issue... I have 2 Windows 2003 domains with 2-way trustand a Windows 2008 Standard Server in one domain which won't allow users from the other domain to log in. The error is"The security database on the server does not have a computer account for this workstation trust relationship." Users fromthe domain where the 2008 server's computer account work fine, but users from the trusted domain can't log in to the 2008server -- no problems with logins to any other Windows clients in this scenario.Thanks in advance for any insight...Michael

Did anyone ever have any luck getting this to work. I have two 2003 forestsForestA.lcl- user accountsForestB.lcl- computer accountsForestB.lcl > one way trust to ForestA.lclXP - workslogon to -XP.forestB.lcl asuser@forestA.lclVista - doesn not worklogon to -VISTA.forestb.lcl asuser.forestA.lclI getthe same error message mentioned earlier in this post... "The security database on the server does not have a computer account for this workstation trust relationship."I am using Vista GPMC for GPO/GPP management. I have been droping my Vista box from ForestB.lcl and joining it to ForestA.lcl when I need to manage GPO/GPP's in the meantime. A solution to this would save so much time... thanks in adavance.PJ

Anyone have any luck with this? I have a similar issue. I have 2 forests. Forest A has only one domain. Forest B has a root domain with 3 child domains. There is a one-way trasitive forest trust between the Forest A and Forest B (Forest B trusts Forest A, but not vice-versa). I can use an account from Forest A to sign in to the root domain of Forest B. When I try to sign on to one of the child domains in Forest B, with a Forest A account, I get this same error"The security database on the server does not have a computer account for this workstation trust relationship." What gives? Since all the domains in Forest B have an inherent 2-way trasitive trust, shouldn't the child domains trust Forest A?