Why is my Active Directory trust showing incorrect or outdated domain controller information?
- Use the 'netdom query dc' command in the Windows CMD prompt to check the domain controllers.
- Check whether the domain controllers are using dynamic DNS registration with Kerberos authentication.
- Ensure the domain controllers are all up to date and have the same patch level.
- Check if any system time differences exist between the domain controllers.
- Compare the trust object’s SID and name attributes both in the Active Directory and Windows CMD to see if any discrepancies occur.
- Run the 'repadmin /showrepl' command to check for any replication errors.