Domain Trust Relationship Broken

Ever get the error “The trust relationship between this workstation and the primary domain failed”? You don’t actually need to leave the domain to correct the issue.

When the trust relationship fails between the workstation and AD, the first step is to check whether the computer is still in AD. In Active Directory Administrative Center, search for the computer name and verify that the computer exists and is not disabled. If the computer doesn’t exist, you will need to log in as a local admin and remove the computer from AD and then rejoin.

If the computer exists in AD, then the machine password stored in AD and the one held by the workstation no longer match. To resolve this, launch PowerShell (as an administrator) and reset the computer's machine password.

  1. Log in as a local admin, say, .\Administrator
  2. Open PowerShell as Administrator
  3. Run the Reset-ComputerMachinePassword command (example below)

Reset-ComputerMachinePassword [-Credential <PSCredential>] [-Server <String>]

Example:

Reset-ComputerMachinePassword -Server ad.domain.com -Credential myusername

You can also script it by using PowerShell and creating a variable.

  • Log in as a local admin, say, .\Administrator
  • Open PowerShell as administrator
  • Enter $cred = Get-Credential
  • Enter your ad\myusername or similar AD domain administrator credentials when prompted
  • Run the Reset-ComputerMachinePassword command using the variable (example below)

Reset-ComputerMachinePassword -Server ad.domain.com -Credential $cred
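
The reset steps above as one script that tests the secure channel before and after the reset. This is an added example, not part of the original post. It assumes Windows PowerShell 5.1, the page's placeholder domain controller ad.domain.com, and a hypothetical function name Repair-MachineTrust.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post). Run from an elevated
# Windows PowerShell 5.1 session while logged in as a local admin.
# 'ad.domain.com' is the placeholder domain controller used on this page.

function Test-MachineTrust {
    param([Parameter(Mandatory)][string]$Server)
    try {
        # Returns $true when the local machine password matches the
        # password stored on the computer account in AD.
        return [bool](Test-ComputerSecureChannel -Server $Server -ErrorAction Stop)
    }
    catch {
        Write-Warning "Secure channel test failed: $($_.Exception.Message)"
        return $false
    }
}

function Repair-MachineTrust {   # hypothetical helper name
    param([string]$Server = 'ad.domain.com')

    if (Test-MachineTrust -Server $Server) {
        Write-Host "Secure channel to $Server is healthy; no reset needed."
        return $true
    }

    # Prompt only when a reset is required. The password is held as a
    # SecureString inside the PSCredential and never written to the script.
    $cred = Get-Credential -Message "Domain account allowed to reset this computer's password"
    Reset-ComputerMachinePassword -Server $Server -Credential $cred -ErrorAction Stop

    # Re-test so a failed reset is reported rather than assumed to have worked.
    $ok = Test-MachineTrust -Server $Server
    if ($ok) {
        Write-Host "Machine password reset; secure channel to $Server restored."
    }
    else {
        Write-Warning "Secure channel still broken; check that the computer account exists and is enabled in AD."
    }
    return $ok
}

Repair-MachineTrust -Server 'ad.domain.com'
```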