diff --git a/ipatests/ipa-test-task b/ipatests/ipa-test-task
index 1f0d3ea7e..6d1658837 100755
--- a/ipatests/ipa-test-task
+++ b/ipatests/ipa-test-task
@@ -422,7 +422,7 @@ class TaskRunner(object):
         self.require_ad_domain(args)
         host = self.get_host(args.host, default=args.domain.master)
         ad = self.get_host(args.ad, default=args.ad_domain.ads[0])
-        tasks.remove_trust_with_ad(host, ad)
+        tasks.remove_trust_with_ad(host, ad.domain.name, ad.name)
 
     def configure_auth_to_local_rule(self, args):
         self.require_ad_domain(args)
diff --git a/ipatests/pytest_ipa/integration/tasks.py b/ipatests/pytest_ipa/integration/tasks.py
index 92a4f7dcd..70ec1a3ec 100755
--- a/ipatests/pytest_ipa/integration/tasks.py
+++ b/ipatests/pytest_ipa/integration/tasks.py
@@ -702,11 +702,13 @@ def establish_trust_with_ad(master, ad_domain, ad_admin=None, extra_args=(),
     time.sleep(60)
 
 
-def remove_trust_with_ad(master, ad_domain):
+def remove_trust_with_ad(master, ad_domain, ad_hostname):
     """
     Removes trust with Active Directory. Also removes the associated ID range.
     """
 
+    remove_trust_info_from_ad(master, ad_domain, ad_hostname)
+
     kinit_admin(master)
 
     # Remove the trust
@@ -716,14 +718,13 @@ def remove_trust_with_ad(master, ad_domain):
     range_name = ad_domain.upper() + '_id_range'
     master.run_command(['ipa', 'idrange-del', range_name])
 
-    remove_trust_info_from_ad(master, ad_domain)
 
-
-def remove_trust_info_from_ad(master, ad_domain):
+def remove_trust_info_from_ad(master, ad_domain, ad_hostname):
     # Remove record about trust from AD
-    master.run_command(['rpcclient', ad_domain,
-                        '-U\\Administrator%{}'.format(
-                            master.config.ad_admin_password),
+    kinit_as_user(master,
+                  'Administrator@{}'.format(ad_domain.upper()),
+                  master.config.ad_admin_password)
+    master.run_command(['rpcclient', '-k', ad_hostname,
                         '-c', 'deletetrustdom {}'.format(master.domain.name)],
                        raiseonerr=False)
 
diff --git a/ipatests/test_integration/test_legacy_clients.py b/ipatests/test_integration/test_legacy_clients.py
index cc0068243..553256a16 100644
--- a/ipatests/test_integration/test_legacy_clients.py
+++ b/ipatests/test_integration/test_legacy_clients.py
@@ -468,7 +468,8 @@ class BaseTestLegacyClient:
 
         # Remove information about trust from AD, if domain was defined
         if hasattr(cls, 'ad_domain'):
-            tasks.remove_trust_info_from_ad(cls.master, cls.ad_domain)
+            tasks.remove_trust_info_from_ad(cls.master, cls.ad_domain,
+                                            cls.ad_domain.hostname)
 
         # Also unapply fixes on the legacy client, if defined
         if hasattr(cls, 'legacy_client'):
diff --git a/ipatests/test_integration/test_trust.py b/ipatests/test_integration/test_trust.py
index 992639132..9935c4a65 100644
--- a/ipatests/test_integration/test_trust.py
+++ b/ipatests/test_integration/test_trust.py
@@ -93,7 +93,8 @@ class BaseTestTrust(IntegrationTest):
         assert expected_text in result.stdout_text
 
     def remove_trust(self, ad):
-        tasks.remove_trust_with_ad(self.master, ad.domain.name)
+        tasks.remove_trust_with_ad(self.master,
+                                   ad.domain.name, ad.hostname)
         tasks.clear_sssd_cache(self.master)
 
 
@@ -955,7 +956,9 @@ class TestTrust(BaseTestTrust):
             assert ('List of trust domains successfully refreshed'
                     in result.stdout_text)
         finally:
-            self.remove_trust(self.ad)
             tasks.restore_files(self.master)
-            self.master.run_command(['rm', '-f', ad_zone_file])
             tasks.restart_named(self.master)
+            tasks.clear_sssd_cache(self.master)
+            self.master.run_command(['rm', '-f', ad_zone_file])
+            tasks.configure_dns_for_trust(self.master, self.ad)
+            self.remove_trust(self.ad)