Authentication Health Check Failures & Unable to Re-join the appliance to the Windows Domain - Windows Domain Trust Could not be created
Active Directory Domain Services (AD DS) uses Domain Name System (DNS) name resolution services to make it possible for clients to locate domain controllers and for the domain controllers that host the directory service to communicate with each other.
Findings show that the "Primary DNS servers" configuration on the appliance references a non-working DNS server alongside a working one. Some or all of the servers listed under "Alternate DNS servers" are also non-working. In the "Primary DNS servers" configuration in particular, referencing a non-working DNS server can prevent the appliance from successfully joining the Windows domain.
You would also see the "Windows Domain Trust Could not be created" error returned when you attempt to complete the IWA Servers "Test Configuration". See the snippet below for reference.
Purge the non-working DNS servers and allow only the working DNS server as the "Primary DNS server". Then rejoin the appliance to the Windows domain, and test Web access to verify the fix.
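To identify which configured DNS servers are non-working before purging them, the following added example (not vendor code) sends each server the standard AD domain-controller locator query, `_ldap._tcp.dc._msdcs.<domain>` of type SRV, and classifies the reply. The server addresses and the domain `corp.example.com` are constructed placeholders; run it from a host on the same network path as the appliance.

```python
import socket
import struct

TXID = 0x1234  # fixed transaction ID, sufficient for a one-shot diagnostic


def build_srv_query(domain, txid=TXID):
    """Build a DNS query for the AD domain-controller locator SRV record."""
    qname = f"_ldap._tcp.dc._msdcs.{domain}".rstrip(".")
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 33, 1)  # QTYPE=SRV, QCLASS=IN


def classify_response(data, txid=TXID):
    """Return 'working' only if the server answered with SRV records."""
    if len(data) < 12:
        return "malformed reply"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID or not a response
        return "malformed reply"
    rcode = flags & 0x000F
    if rcode != 0:  # e.g. 2 = SERVFAIL, 3 = NXDOMAIN, 5 = REFUSED
        return f"error rcode={rcode}"
    if flags & 0x0200:  # TC bit: the server has an answer too large for UDP
        return "working"
    return "working" if ancount > 0 else "no SRV records"


def check_server(server, domain, port=53, timeout=2.0):
    """Query one DNS server over UDP and classify the result."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_srv_query(domain), (server, port))
            data, _ = s.recvfrom(4096)
        except OSError:  # includes timeouts and unreachable hosts
            return "no response"
    return classify_response(data)


def audit(servers, domain, **kw):
    """Map each configured DNS server to its status."""
    return {srv: check_server(srv, domain, **kw) for srv in servers}


if __name__ == "__main__":
    # Constructed placeholders: substitute the appliance's configured servers.
    for srv, status in audit(["192.0.2.10", "192.0.2.11"], "corp.example.com").items():
        print(f"{srv}: {status}")
```

Any server that does not report `working` is a candidate for removal from the appliance's DNS configuration.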