This message was deleted.

just log in as a local account and run Reset-ComputerMachinePassword -Server DomainControllerName -Credential domain\AdminAccount

okay, so that won't impact the MCS clones when i run an update?

Nope. Top tip... look into disabling automatic password update on the computer account, that is a registry setting which can be set inn the master image.

Exactly what @Geir Sandstad said is what I do at times. Sometimes I have to do this as well

Test-ComputerSecureChannel -Repair -Credential corpdsmith

I use this site to help me when I forget https://theitbros.com/fix-trust-relationship-failed-without-domain-rejoining/

@Ray Davis thanks...i guess it won't impact the clones...thanks

What @Ray Davis said will work as well when the problem arises. I've done that a few times with persistent VDIs that have lost the trust relationship. However, "my" fix should help you avoid that issue with the master image alltogether.

No @newbie1998 the clone have there own identity. But do what @Geir Sandstad stated with the machine account. If the master image is turned off, as most are while not in use. The Domain trust may continue to get broken. As I believe it is 30 days. It like we do with PVS Golden image. https://support.citrix.com/article/CTX231620/disabling-automatic-password-change-for-nonpersistent-desktops

Correct, @Ray Davis

I tried all these steps but none of them worked. I checked AD and the computer account was missing. I've never seen that before. I thought a computer AD account loses it's trust if it has been shut down for longer than 30 days.