OPERATING SYSTEMSOS Windows

The trust relationship between this workstation & the primary domain failed


If when you try log on to a computer that is running Windows 10 in a domain environment, and you receive the error message The trust relationship between this workstation and the primary domain failed, then this post is intended to help you with the most suitable solution to resolve the issue.

The trust relationship between this workstation and the primary domain failed

This error occurs because of a “password mismatch.” In Active Directory environments, each computer account also has an internal password – if the copy of the computer account password that is stored within the member server gets out of sync with the password copy that is stored on the domain controller then the trust relationship will be broken as a result.

The trust relationship between this workstation and the primary domain failed

If you’re faced with this issue, you can try our recommended solutions below in no particular order and see if that helps to resolve the issue.

  1. Reconnect the computer to the Domain
  2. Re-establish Trust
  3. Add Domain Controller to Credential Manager
  4. Reset Computer Account

Let’s take a look at the description of the process involved concerning each of the listed solutions.

1] Reconnect the computer to the Domain

This solution as recommended by Microsoft requires you to simply reconnect the computer failing to log on, to the domain.

To reconnect the computer to the domain, do the following:

  • Log on to the client computer with a local administrator account.
  • Right-click This PC and choose Properties.
  • Choose Advanced system settings in the left pane to open System Properties window.
  • Click Computer Name tab.
  • Click Change button.
  • In the Computer Name/Domain Changes window, check Workgroup under the Member of heading and type a workgroup name.
  • Click OK to confirm.
  • Enter the name and password of an account with permission to remove this computer from the domain.
  • Click OK and restart your computer as prompted.
  • Next, log back to your computer with a local administrator account and navigate to Computer Name/Domain Changes window again.
  • Now, check Domain under Member of section this time.
  • Type the name of the domain.
  • Click OK.
  • Now, enter the account and password of a domain administrator account.
  • Click OK to confirm.
  • Restart computer.

On boot, you can log on with your domain user account successfully.

2] Re-establish Trust

This solution requires you to re-establish trust between the domain controller and client to resolve The trust relationship between this workstation and the primary domain failed issue. Here’s how:

  • Press Windows key + X to open Power User Menu.
  • Tap A on the keyboard to launch PowerShell in admin/elevated mode.
  • In the PowerShell console, type in or copy and paste the command below and hit Enter:
$credential = Get-Credential
  • Input the user name and password of the domain administrator account into the Windows PowerShell credentials request pop-up login dialog.
  • Click OK.
  • Next, type or copy and paste the command below into PowerShell window and hit Enter:
Reset-ComputerMachinePassword -Credential $credential
  • Once the command executes, exit PowerShell.
  • Restart computer.

Now, you can use domain user account to log on your device and check if the issue is fixed.

3] Add Domain Controller to Credential Manager

This solution requires you to simply add the domain controller to the Credential Manager.

To add Domain Controller to Credential Manager, do the following:

  • Press Windows key + R to invoke the Run dialog.
  • In the Run dialog box, type control and hit Enter to open Control Panel.
  • Navigate to User Accounts Credential Manager.
  • Choose Windows Credentials.
  • Click Add a Windows credential.
  • In the dialog window, enter the address of the website or network location and your credentials.
  • Click OK button to save the changes.
  • Restart computer.

You should now be able to log on to your computer in the domain environment without problem.

4] Reset Computer Account

This solution requires you to reset the account of the computer which throws the error message.

To reset the computer account, do the following:

  • Press Windows key + R to invoke the Run dialog.
  • In the Run dialog box, type dsa.msc and hit Enter to open Active Directory User and Computers console.
  • Double-click the domain name to expand.
  • Choose Computer.
  • In the right pane, right-click the computer account that failed to connect to the domain
  • Choose Reset Account.
  • Click Yes to confirm the operation.
  • Restart computer.

Hope this helps!

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *