Product Knowledge Base Article ID: 230210 - Last Review: 2010-02-23 - Revision: 1

    A computer object created with NNS ADix is not trusted by the domain

  On this page:


If you create a computer object using NNS ADix, the computer object will be created but is not trusted by the domain where the computer objects resides.



If an Active Directory computer object was created without setting the attribute userAccountControl to a value of 4096,  the computer object will be not trusted by the domain.




When importing computer objects, use the attribute userAccountControl in the import file and set it's value to 4096. This will create computer objects which are trusted by the domain. See the MORE INFORMATION section to get more information about the attribute userAccountControl.


The following example creates a computer object named 'pc0001' which will be trusted by the domain:




This behaviour is by design. We will update the NNS ADix help topics to reflect this issue.




The attribute userAccountControl will be used to set various Account options on user or computer accounts (See the Microsoft KB305144 - How to use the UserAccountControl flags to manipulate user account properties for more information).

The values or flags for the attribute userAccountControl are cumulative. E.g. to create a disabled computer object which will be trusted by the domain, set the userAccountControl attribute to 4098 (2 + 4096).




  • NNS ADix v3