How can I log into a Domain controller that doesn't trust itself
Active Directory Restore Mode is the only way, and it will require that you know the Directory Services Restore Mode administrator account password.
Incidentally, it looks like this problem was caused by improperly restoring a Domain Controller. Just doing a standard restore from backup will leave you with a non-functioning domain Controller every time. Next time, follow the technet guide here.
You can restart into Directory Service Restore Mode remotely and log in using the DSRM (local administrator) password.
If you do not know that password, you can reset it by booting your virtual machine from an ntpasswd image.