Event ID 6026 — Domain Controller Promotion Trust Upgrade
Applies To: Windows Server 2008
.jpg)
When a computer is promoted to become a domain controller, the promotion process converts the existing trust relationships from the previous Security Accounts Manager (SAM) database to the newly created Active Directory database.
Event Details
| Product: | Windows Operating System |
| ID: | 6026 |
| Source: | LsaSrv |
| Version: | 6.0 |
| Symbolic Name: | LSA_ITA_UPGRADE_ERROR |
| Message: | Could not upgrade the Interdomain Trust Account %1. Please recreate the trust manually. |
Resolve
Recreate the trust manually
The Security Accounts Manager (SAM) was not able to upgrade a trust relationship that was part of the previous configuration. After the promotion is complete, manually create any missing trust relationships. Perform the following procedure using a domain member computer that has domain administrative tools installed.
To perform this procedure, you must have membership in Enterprise Admins, or you must have been delegated the appropriate authority.
To create a trust relationship:
- Open Active Directory Domains and Trusts. To open Active Directory Domains and Trusts, click Start. In Start Search, type domain.msc, and then press ENTER. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
- In the console tree, right-click the domain object, and then click Properties.
- On the Trusts tab, click New Trust. Follow the directions in the New Trust Wizard to create the type of trust that existed before but could not be upgraded.
Verify
To ensure that the trust relationship between the two domains is working properly, attempt to connect to a resource in the trusting domain from the trusted domain. Perform the following procedure using a domain member computer.
To perform this procedure, you must have membership in Domain Admins, or you must have been delegated the appropriate authority.
To verify that resources can be accessed in the trusting domain:
- In the trusted domain, log on to a computer with resource credentials that are appropriate for accessing the trusting domain.
- Click Start. In Start Search, type \\computer\share, and then press ENTER. Substitute the name of a computer in the trusting domain for computer, and substitute the name of a shared resource on that computer for share.
If the resource is accessible, the trust relationship is functioning properly.