Solved

Trust relationship between workstation and primary domain fails

Posted on 2013-02-05
10
1,153 Views
Last Modified: 2013-02-27
I have a workstation that is having connectivity issues when trying to login to a domain. The error is "The trust relationship between this workstation and the primary domain failed". I seem to recall having this issue in the past and re-installing the OS. I would like to avoid doing this. Any and all ideas are welcome.

Thanks
0
Comment
Question by:bjbrown
  • 3
  • 2
  • 2
  • +2
10 Comments
 
LVL 10

Assisted Solution

by:cpmcomputers
cpmcomputers earned 125 total points
Comment Utility
Check the time and date on the pc id within 5Mins of the domain controller

If you have local login rights take it off the domain to a workgroup then re-etablish it on the domain

If you do not have local admin rights disconnect network cable and any wifi from the pc and login as the domain admin

Then do the above
0
 
LVL 14

Accepted Solution

by:
Giovanni Heward earned 125 total points
Comment Utility
Logon to the workstation as a user with local administrator rights.  Press windows key +r then type control sysdm.cpl for system properties.  From here select the computer name tab then the change button.  You'll want to take the machine off the domain and into a workgroup.  Apply changes. Reboot.  Repeat the process, only this time add back to the domain.

The primary issue I run into with this is due to users creating a virtual machine clone of their physical machine, without taking it off the domain first.
0
 
LVL 14

Expert Comment

by:Giovanni Heward
Comment Utility
If you don't know a local username use Offline Windows Password & Registry Editor, Bootdisk / CD.  With this you can list users, remove passwords, enable accounts, elevate privileges to administrator, etc.

There might be multiple reasons for this kind of behaviour. Below are listed a few of them:

   
Single SID has been assigned to multiple computers.
   
If the Secure Channel is Broken between Domain controller and workstations
   
If there are no SPN or DNSHost Name mentioned in the computer account attributes
   
Outdated NIC Drivers.
0
 

Author Comment

by:bjbrown
Comment Utility
Thanks experts for the quick response, I'll give them a try and let you know. Looks like it will be tomorrow before I have access to the users computer.
0
 
LVL 13

Assisted Solution

by:Gabriel Clifton
Gabriel Clifton earned 125 total points
Comment Utility
You can also try: find computer account in ADUC, right click, reset account. This works most of the time, but not all of the time.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 10

Assisted Solution

by:Pramod Ubhe
Pramod Ubhe earned 125 total points
Comment Utility
To resolve this quickly, just re-join that computer to the domain.
0
 
LVL 10

Expert Comment

by:cpmcomputers
Comment Utility
pramod_ubhe

I think that is what x66_x72_x65_x65 and I have already said ?
Unless you have something more specific we have missed?
0
 

Author Comment

by:bjbrown
Comment Utility
Just to keep this thread going and question open..
I tried PantherTech's suggestion --------------You can also try: find computer account in ADUC, right click, reset account. This works most of the time, but not all of the time.---------------

This did not work, good to know this trick however so thanks PantherTech :-)

Will try other suggestions as time allows. I know that the user has to disconnect from the network and then reconnect the CAT5 cable to get on the domain, this happens often. This is a Dell Laptop running W7 32 bit.
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
Comment Utility
Check the nic, if it is a desktop, swap the nic with another computer. Also, check if power saving feature is turned on and windows is unable to wake the nic up
0
 

Author Closing Comment

by:bjbrown
Comment Utility
Thanks experts, looks like this will be a moot point since the user has replaced the PC.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now