Fix: "The trust relationship between this workstation and the primary domain failed"
Network Administration Friday, December 11, 2015Error: "The trust relationship between this workstation and the primary domain failed".
Background: Domain logon fails because the computer password is outdated. The machine password updates every 30 days. This problem occurs when adding a computer to the domain with the same name, or restoring a computer from backup (e.g., VM snapshot).
Solution: First and foremost, ensure computers have a local Administrator account and password before this problem occurs!
- Create a unique (i.e., new) administrator account and password for each computer.
- Document the information.
- Disable the default local "administrator" account.
Use the local administrator account to log onto the computer after the domain authentication fails. One of the following steps will fix this issue:
Netdom:
netdom.exe resetpwd /s: /ud: /pd:*
= a domain controller in the joined domain
= DOMAIN\User format with rights to change the computer password
Netdom is not available with every version of Windows.
- Standard with Windows 2008 R2.
- Standard with Vista.
- Install Netdom on Windows 7 with the Remote Server Administration Tools (RSTAT).
- Powershell replaces netdom,exe in Windows 2012 and Windows 8
Reset-ComputerMachinePassword [-Credential ] [-Server ]
Note: "-Server" represents the local domain controller.
GUI:
Alternately, Microsoft recommends removing the computer from the domain:
Control Panel > System > Computer Name > Change settings > Add computer to a workgroup > Restart > Repeat process and add computer to the domain.
References:
https://support.microsoft.com/en-us/kb/2771040
https://support.microsoft.com/en-us/kb/325850
https://technet.microsoft.com/en-us/library/hh849751.aspx
Network Administration Windows Windows Server
0 Comments:
Post a Comment