The trust relationship between this workstation and the primary domain failed

作者: lesca 分类: Windows 发布时间: 2017-05-23 18:16

Introduction

You might have encountered this error message many times: “The trust relationship between this workstation and the primary domain failed”.
The general solution is dis-joining and re-joining the domain. Any other ways without doing so? The answer is yes.

Error message

The trust relationship between this workstation and the primary domain failed.
此工作站和主域之间的信任关系失败。

Solution: without rejoining the domain

Login as local administrator account, run Powershell with elevated privileges and type this command:
Reset-ComputerMachinePassword -Server "DC1.contoso.com" -Credential domain\Administrator

After reset the computer password, log off current account and login with domain account.

How it works!

The key reason the workstation lost trust is because this computer account’s password has been updated or expired in the Active Directory, however the workstation itself doesn’t know it.
We can reset the password now by Powershell command-let as mentioned above.

Also, to avoid this, there is a GPO setting that defines how long time the password will be updated:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Domain member: Maximum machine account password age

Reference

[1] Reset-ComputerMachinePassword
[2] Domain member: Maximum machine account password age

版权声明

本文出自 Lesca 技术宅,转载时请注明出处及相应链接。

本文永久链接: https://www.lesca.cn/archives/solve-without-rejoining-domain-the-trust-relationship-between-this-workstation-and-the-primary-domain-failed.html

如果觉得我的文章对您有用,请随意赞赏。您的支持将鼓励我继续创作!