After joining a new Windows Server 2008 R2 member server to the domain I was not able to log in, even with a Domain Admin account. The following error was experianced:
The security database on the server does not have a computer account for this workstation trust relationship
After some investigation it turns out the computer new computer account did not have a SPN (Service Principal Name). This is stored in the servicePrincipalName attribute in Active Directory. Below is a screenshot from ADSIEdit:
I added two SPN's to the computer account object in Active Directory in the format of:
I was then able to log in to the new workstation.