• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1159
  • Last Modified:

Suddenly, Windows 7 professional is unable to build the trust relationship with the domain

Hello experts,

We have a Windows 2003 DC with 10 Windows 7 workstations connected to it.

Today and suddenly, one of the Windows 7 workstations is not allowing to login to any domain account, only accepting local administrator login. It's giving the message:

"the trust relationship between this workstation and the primary domain failed"

In the Windows system log, there is an error:

"This computer couldn't authenticate with \\dc.ourdomain.com, a windows domain controller for OURDOMAIN, and therefore this computer may deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator"

I am sure that there is no other computer on the same network having the same computer name. Also I don't know what they mean by the password. If they mean the user password, nobody has changed it.

Any quick help?
2 Solutions
Remove it from the domain and add it back in...  
MuhajreenAuthor Commented:
If I do so, the user will have a new profile, I want two things:

1. To know what is the reason of this, because manager is asking for that.
2. To keep the same profile for the user
Normally, to rejoing a computer to domain means you bring it to workgroup restart and then join it to the domain and again restart. But following steps does this in one restart.
Go to the system properties from where you join the computer to domain. remove the suffix (eg. .local, .com etc) from the domain name and click on ok or apply. You will be asked for credentials of an account with administrative rights on the domain. After this is done just restart and login.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

MuhajreenAuthor Commented:
And what about user profiles ?
I've had to do this a few times and never lost the profile, but you can login as the local admin right so you can always make a backup copy of it if you feel better...

Is it possible the user used system restore? that usually breaks the domain trust relationship
Neil RussellTechnical Development LeadCommented:
The user profiles will not be lost/removed/damaged. Remove the PC from the domain. In active directory users and computers delete the computer account. Now add the PC back onto the domain. Reboot and log in as a user, all will still exist.
JamesSenior Cloud Infrastructure EngineerCommented:
When you rejoin the computer to the domain, logon as the current user and create the profile. Logoff and then use an administrative account to logon and rename the new profile - and then rename the old profile to that of the new one and this should solve your problem.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now