Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Windows 7 Trust Relationship between the workstation and primary domain failed

Posted on 2012-03-28
6
Medium Priority
?
1,006 Views
Last Modified: 2013-01-24
Hello,

We have a workstation on or domain that suddenly stopped working this week.  We have server 2003 SBS running our domain.  When I try to login or rejoin the domain I get the error "the trust relationship between the workstation and primary domain failed"

Ideas?
0
Comment
Question by:networkadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 28

Accepted Solution

by:
Run5k earned 2000 total points
ID: 37778105
The first thing you should check is the time zone and accuracy of the current time.  That can cause problems like this.

Once you are sure that's good, you will probably need to login with a local administrator account, remove the machine from the domain, and temporarily switch it to a workgroup.  Then, delete the computer account from Active Directory in order to be thorough.  Finally, add it back to the domain in the proper OU, and you should be all set.
0
 
LVL 11

Expert Comment

by:BillBondo
ID: 37778353
I found out by mistake by pulling the network cable I could log on, then rename and remove from domain. Reconnect the wire and and rename and add back to domain.
0
 

Expert Comment

by:fd4u
ID: 38810063
Removing workstation from the domain, and then adding it back in some situations IS NOT acceptable. This way you'll lost all the settings related to the workstation account, e.g. DOMAIN\WORKSTATION$. So if you have any systems that depends on this - you'll get more trouble. In my case it is MS Lync Server 2013. After removing it form, and then adding it back to the domain - I've got useless workstation.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 28

Expert Comment

by:Run5k
ID: 38812810
Fd4u, in my experience it would be exceedingly rare to encounter any type of problems like that.  In all of the years that I have utilized that work-around, I have yet to find myself with a "useless workstation" in the aftermath.
0
 

Expert Comment

by:fd4u
ID: 38815346
Probably "useless workstation" is too strong, but just to explain you what I've tried to say:
I've ran into the same problem (trust relationship) with one of my servers after migrating the whole infrastructure. Lync 2013 Front End was installed on it. I've solved "trust relationship" issue as you've proposed, but Lync was never ever able to start some services, so, in my case, I've got just that - useless workstation, and I've had to reinstall the server.
0
 

Expert Comment

by:fd4u
ID: 38815428
I think that there's better solution. Login with:
Local admin account
- OR -
Domain account, but using domain credentials cached in the machine. It can be done if you disconnect (unplug) the machine from the domain network. After you logged in connect the machine to the domain network again.

Instead of removing the workstation from the domain just change domain name. If your machine is member of domain MYDOMAIN then change it to be member of mydomain.local, and if it is member of mydomain.local change to MYDOMAIN. It is the same domain, of course, but you'll trick workstation to think that you are changing it. You'll get domain credential prompt, and "welcome to the domain..." message.

Trust relationship is established this way.

Honestly, I'm not sure if this procedure changes machine domain account, but at least it is faster, having just one step (restart) instead of two.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question