How can I get the Trust Relationship to the domain to stop failing?
I just installed Windows 10. I was part of a domain. When I try to log in I get,
"The trust relationship between this workstation and the primary domain failed."
Since I do not remember my local accounts, am I left with resetting the local administrator password with a third party tool such as the Offline Windows Password & Registry Editor and rejoining the domain or using netdom on the client.
Is there another way to make the trust relationship come back?
edit: I have tried to reset the machine account in Active Directory Users and Computers. Same error. (yes, I rebooted).
Solution 1:
You can fix this without removing/rejoining the domain if:
A) You have a local admin account on the machine that you know the password for, or
B) You have logged in to the machine with a domain account with admin credentials in the past.
If A, just log in with the local admin credentials and then proceed to the next part. If B, disconnect the network cord, disable wireless, etc, and then log in as your local admin domain account.
Open PowerShell and run the following commands:
$credential = Get-Credential
Enter a domain admin account.
Reset-ComputerMachinePassword -Server DomainControllerName
This command will reset the machine password with the domain controller and you should be able to resume normal domain network access now.
I found this solution here and found it has worked multiple times: https://community.spiceworks.com/how_to/108912-fix-the-trust-relationship-between-this-workstation-and-the-primary-domain-failed
Solution 2:
I can't comment on the solution provided by music2myear, however there seems to be another step to the process. In the comments below the article linked in music2myear's answer, a more complete answer is provided.
Open PowerShell and run the following commands:
$credential = Get-Credential
Enter a domain admin account.
Reset-ComputerMachinePassword -Server DomainControllerName -Credential $credential
I was not able to get my issue resolved until providing the credential as the last parameter.
As another note, I assumed my domain controller to be, well, the domain name (i.e. MyDomain.local), however for the DomainControllerName
, I had to provide the Computer/Host Name of the domain controller.
Solution 3:
I had a similar issue after upgrading a machine to Windows 10, although I knew the local admin password! In my case, I thought that renaming the computer to get a new AD account for it would solve it, (as this is often sufficient when a VM drops out due to reverting a snapshot) but it did not work for this case.
The solution was a full removal of the computer from the domain, reboot, join back in, and reboot again.