Solved

Windows 7 Trust Relationship between the workstation and primary domain failed

Posted on 2012-03-28
6
988 Views
Last Modified: 2013-01-24
Hello,

We have a workstation on or domain that suddenly stopped working this week.  We have server 2003 SBS running our domain.  When I try to login or rejoin the domain I get the error "the trust relationship between the workstation and primary domain failed"

Ideas?
0
Comment
Question by:networkadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 28

Accepted Solution

by:
Run5k earned 500 total points
ID: 37778105
The first thing you should check is the time zone and accuracy of the current time.  That can cause problems like this.

Once you are sure that's good, you will probably need to login with a local administrator account, remove the machine from the domain, and temporarily switch it to a workgroup.  Then, delete the computer account from Active Directory in order to be thorough.  Finally, add it back to the domain in the proper OU, and you should be all set.
0
 
LVL 11

Expert Comment

by:BillBondo
ID: 37778353
I found out by mistake by pulling the network cable I could log on, then rename and remove from domain. Reconnect the wire and and rename and add back to domain.
0
 

Expert Comment

by:fd4u
ID: 38810063
Removing workstation from the domain, and then adding it back in some situations IS NOT acceptable. This way you'll lost all the settings related to the workstation account, e.g. DOMAIN\WORKSTATION$. So if you have any systems that depends on this - you'll get more trouble. In my case it is MS Lync Server 2013. After removing it form, and then adding it back to the domain - I've got useless workstation.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 28

Expert Comment

by:Run5k
ID: 38812810
Fd4u, in my experience it would be exceedingly rare to encounter any type of problems like that.  In all of the years that I have utilized that work-around, I have yet to find myself with a "useless workstation" in the aftermath.
0
 

Expert Comment

by:fd4u
ID: 38815346
Probably "useless workstation" is too strong, but just to explain you what I've tried to say:
I've ran into the same problem (trust relationship) with one of my servers after migrating the whole infrastructure. Lync 2013 Front End was installed on it. I've solved "trust relationship" issue as you've proposed, but Lync was never ever able to start some services, so, in my case, I've got just that - useless workstation, and I've had to reinstall the server.
0
 

Expert Comment

by:fd4u
ID: 38815428
I think that there's better solution. Login with:
Local admin account
- OR -
Domain account, but using domain credentials cached in the machine. It can be done if you disconnect (unplug) the machine from the domain network. After you logged in connect the machine to the domain network again.

Instead of removing the workstation from the domain just change domain name. If your machine is member of domain MYDOMAIN then change it to be member of mydomain.local, and if it is member of mydomain.local change to MYDOMAIN. It is the same domain, of course, but you'll trick workstation to think that you are changing it. You'll get domain credential prompt, and "welcome to the domain..." message.

Trust relationship is established this way.

Honestly, I'm not sure if this procedure changes machine domain account, but at least it is faster, having just one step (restart) instead of two.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question