WIN2008 R2 DNS ACCESS DENIED

AD 2008r2 PDC 硬盘挂了，BDC转移角色后DNS无法打开，并有以下日志：

When the server had rebooted the network location had changed to Unauthenticated. When trying to access the DNS console I was getting an error saying Access Denied.

如图:

DNS Access Denied

DCDiag测试失败，但可以访问Active Directory用户和计算机。

解决方法如下：

运行以下命令然后重启来解决错误：

nltest /sc_change_pwd:domainname.local

PS:
Command Description:
Changes the password for the trust account of a domain that you specify. If you run nltest on a domain controller, and an explicit trust relationship exists, then nltest resets the password for the interdomain trust account. Otherwise, nltest changes the computer account password for the domain that you specify. You can use this parameter only for computers that are running Windows 2000 and later.

Once the server had rebooted the network location changed back to ‘Domain’ and DNS was accessible. All client machines was then able to access the server.

Comments on my blog have indicated that this fix also works with Server 2012 R2.