celjan79
asked on
The trust relationship between this workstation and the primary domain failed.
Hello there,
I am getting the following error on workstation running Win7 SP1:
The trust relationship between this workstation and the primary domain failed.
I have found a lot of solutions mainly saying to unjoin and the join domain name. I was able to login to desktop when unplugin and then pluging LAN cable again.
But my main goal is to rejoin WITHOUT LOOSING the desktop and setting under that user login. I remember that one time i unjoined and joined and then I got completey new desktop.
Can you suggest more safer solution?
Regards.
I am getting the following error on workstation running Win7 SP1:
The trust relationship between this workstation and the primary domain failed.
I have found a lot of solutions mainly saying to unjoin and the join domain name. I was able to login to desktop when unplugin and then pluging LAN cable again.
But my main goal is to rejoin WITHOUT LOOSING the desktop and setting under that user login. I remember that one time i unjoined and joined and then I got completey new desktop.
Can you suggest more safer solution?
Regards.
ASKER
So the best thing to do is:
- unplug the LAN cable
- login to user account
- plug the LAN cable back
- unjoing from domain (joining to workgroup)
- then without restart / logoff again joing to domain
- restarting
- loging on
Is this correct?
- unplug the LAN cable
- login to user account
- plug the LAN cable back
- unjoing from domain (joining to workgroup)
- then without restart / logoff again joing to domain
- restarting
- loging on
Is this correct?
Check DNS, especially if unplugging the network cable and putting it back in fixes the issue. DNS most of the time is the problem, but not every time. If you find NO issues with DNS then your only option is unjoin rejoin domain.
ASKER
Gabriel Clifton: What do you mean regarding the DNS? I have 20 PC on the same LAN and nobody has problems with loging on.
If you mean local DNS on this machine. The internet is working, I can see network drives when plugin LAN back in. What test do you suggest?
If you mean local DNS on this machine. The internet is working, I can see network drives when plugin LAN back in. What test do you suggest?
When the system is not communicating with the domain, log into the machine locally, no domain, and check dns settings on the computer, check to ensure network is functioning properly on the computer. See if you can communicate with DC and see if the DC can communicate with the computer. Check the DNS records on your server to make sure the computer is listed properly. Check system logs to see if it is reporting what your issue is.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
When I use local account to login (switch user option) - like "computername\user" I get the same error like before:
The trust relationship between this workstation and the primary domain failed.
Do I need to do this with LAN cable pluged out?
The trust relationship between this workstation and the primary domain failed.
Do I need to do this with LAN cable pluged out?
If you are using computername\user you will need to unplug, if you are using computername\Administrator
ASKER
So to make it clear - this should work:
- login as local administrator (user: administrator); unplug if needed
- unjoin domain by joining to workgroup
- restart
- login again as local "administrator"
- join the domain
- restart
- login as user you worked as before on that workstation
And this should result in working desktop and apps without reinstalling and resetting?
- login as local administrator (user: administrator); unplug if needed
- unjoin domain by joining to workgroup
- restart
- login again as local "administrator"
- join the domain
- restart
- login as user you worked as before on that workstation
And this should result in working desktop and apps without reinstalling and resetting?
That should work without re-installing. The settings for each domain user will still be there & should work again once the machine is re-joined to the domain.
ASKER
When I login back with local administrator under workgroup, what user should I use to join? The user that work on that workstation and will then login or domain administrator?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
hi,
this happened to one of my clients, few months back, used instructions in below link to resolve quickly.
http://blog.blksthl.com/2013/03/18/fix-the-trust-relationship-between-this-workstation-and-the-primary-domain-failed/
this happened to one of my clients, few months back, used instructions in below link to resolve quickly.
http://blog.blksthl.com/2013/03/18/fix-the-trust-relationship-between-this-workstation-and-the-primary-domain-failed/
ASKER
Thanks for support. It worked :)
Great, I'm glad we could help!
FYI for future reference, when joining a workgroup computer to a domain, you need to be logged on with a local admin account. But, when prompted, you need to enter the credentials of a domain account which has rights to join the PC to the domain. Any member of the domain admins group will do, but other users can join up to 10 PCs to the domain.
On this page, http://technet.microsoft.com/en-us/library/cc780195(v=ws.10).aspx, MS says:
"By default, any authenticated user has this right and can create up to 10 computer accounts in the domain."
FYI for future reference, when joining a workgroup computer to a domain, you need to be logged on with a local admin account. But, when prompted, you need to enter the credentials of a domain account which has rights to join the PC to the domain. Any member of the domain admins group will do, but other users can join up to 10 PCs to the domain.
On this page, http://technet.microsoft.com/en-us/library/cc780195(v=ws.10).aspx, MS says:
"By default, any authenticated user has this right and can create up to 10 computer accounts in the domain."
Once you rejoin the PC to the domain, the user profile info for any domain accounts should still be on the PC.