Suddenly, Windows 7 professional is unable to build the trust relationship with the domain

Posted on 2011-04-21
Last Modified: 2012-05-11
Hello experts,

We have a Windows 2003 DC with 10 Windows 7 workstations connected to it.

Today and suddenly, one of the Windows 7 workstations is not allowing to login to any domain account, only accepting local administrator login. It's giving the message:

"the trust relationship between this workstation and the primary domain failed"

In the Windows system log, there is an error:

"This computer couldn't authenticate with \\, a windows domain controller for OURDOMAIN, and therefore this computer may deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator"

I am sure that there is no other computer on the same network having the same computer name. Also I don't know what they mean by the password. If they mean the user password, nobody has changed it.

Any quick help?
Question by:Muhajreen
    LVL 16

    Expert Comment

    Remove it from the domain and add it back in...  

    Author Comment

    If I do so, the user will have a new profile, I want two things:

    1. To know what is the reason of this, because manager is asking for that.
    2. To keep the same profile for the user
    LVL 7

    Expert Comment

    Normally, to rejoing a computer to domain means you bring it to workgroup restart and then join it to the domain and again restart. But following steps does this in one restart.
    Go to the system properties from where you join the computer to domain. remove the suffix (eg. .local, .com etc) from the domain name and click on ok or apply. You will be asked for credentials of an account with administrative rights on the domain. After this is done just restart and login.

    Author Comment

    And what about user profiles ?
    LVL 16

    Accepted Solution

    I've had to do this a few times and never lost the profile, but you can login as the local admin right so you can always make a backup copy of it if you feel better...

    Is it possible the user used system restore? that usually breaks the domain trust relationship
    LVL 37

    Assisted Solution

    The user profiles will not be lost/removed/damaged. Remove the PC from the domain. In active directory users and computers delete the computer account. Now add the PC back onto the domain. Reboot and log in as a user, all will still exist.
    LVL 15

    Expert Comment

    When you rejoin the computer to the domain, logon as the current user and create the profile. Logoff and then use an administrative account to logon and rename the new profile - and then rename the old profile to that of the new one and this should solve your problem.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
    Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now