The trust relationship between this workstation and the primary domain failed without local admin
There are two ways how can you manage your client and server machines in home or business environment, including Workgroup and Domain infrastructure. The workgroup is decentralized network infrastructure used for home and small business networks up to 10 machines. Workgroup does not require a dedicated server for managing machines, every machine has a different user account. On another side, domain infrastructure is centralized network
infrastructure which supports thousands of machines. For the implementation of domain infrastructure, you will need to purchase minimum one server which will act as Active Directory Domain Services and Domain Name Services. After you implement AD DS and DNS you will need to join all machines in the network to your domain and create domain user accounts for every user. Next time, the user will log on using domain user account, and not the local user account. There are a lot of benefits by using
domain infrastructure, including centralized and simplified management, fault tolerance, one user account for many services, and others. Few users encouraged problem when logging to the domain, including error: The trust relationship between this workstation and the primary domain failed. This issue occurs on client and server operating system, from Windows XP to Windows 10 and from Windows Server 2003 to Windows Server 2016. There are different reasons why this issue occurs, including a problem with a user account, the problem with the relationship between client and domain server and others. For this article, I created domain infrastructure appuals.com on Windows Server 2008 R2 and Windows Server 2016. There are seven methods which will help you to solve this issue. Method 1: Check DHCP configurationDid you add new DHCP server or reconfigure your current DHCP pool? If not, please read next method. If yes, please continue reading this method. There are two ways how you can assign IP addresses to hosts in your computer network, including static and dynamic addressing. Static addressing is manually assigning IP addresses to your machines which consume much more time and decrease the productivity of IT Administrator. We are recommending you to use dynamic addressing using DHCP (Dynamic Host Computer Protocol) protocol. The best practice will include static addressing for servers, storage and network printers, and dynamic addressing to other hosts in the network. Few users encouraged problem after they added another DHCP server in the current network. The problem was wrong DHCP pool for hosts in the network. Based on that, we are recommending you to check is DHCP working properly and are you using right network subnet. We will show you how to check DHCP on Windows Server 2016 and router TP-Link TL-ER6120. Imagine, the right network is working in C class, 192.168.1.0/24. So, let’s start.
In the second example, we will show you how to check DHCP configuration on TP-Link router. If you do not know how to access your router, please read the technical documentation of your router.
Method 2: Rejoin a Computer from a DomainIn this method, you will need to rejoin your client machine from a domain. For this action, you need to use Domain Administrator account which has permission to do changes like join or rejoin machine from the domain. We will show you how to rejoin Windows 10 Pro from Windows Server 2016 Standard. The same procedure is compatible with other client and server operating system, including client operating system from Windows XP to Windows 8 and server operating system from Windows Server 2003 to Windows Server 2012 R2.
Method 3: Reestablish trust through PowerShellIn this method, we will reestablish trust between the domain controller and client using PowerShell. You will need to log on using a local Administrator account.
Method 4: Add domain controller to Credential ManagerIn this method, you will use Credential Manager where you will add domain controllers account in Windows Credential. We will show you how to do in on Windows 10.
Method 5: Use Netdom.exe to Reset a Machine Account PasswordThis method is compatible with Windows Server 2003 and Windows Server 2008 R2. If you are using a newer version of server operating systems, please read next method. We will show you how to reset a machine account password on Windows Server 2008 R2.
Method 6: Reset Computer AccountIn this method, you will need to reset computer account using Active Directory User and Computers tool which is integrated into servers with Active Directory Domain Services role. The procedure is simple and compatible with server operating systems from Windows Server 2003 to Windows Server 2016.
Method 7: Perform a System RestoreWe talked so much time about System Restore because it helped us so many times in troubleshooting issues with system or application. Also, system restore can help you to solve the issue with reverting your system to the previous state when everything worked properly. Please note that you can not restore your Windows machine to the previous state if System Restore is turned off. Please read how to perform a System Restore.
Jasmin is a certified Senior Systems Engineer with over 10 years of experience and is currently employed by Paessler AG. Jasmin holds multiple IT certifications which includes CNIP, MTA, MCP, MCSA, Network+. How do you fix the trust relationship between this workstation and primary domain failed?Resolution. To resolve this issue, remove the computer from the domain, and then connect the computer to the domain. Use a local administrator account to log on to the computer.
How do you fix a broken trust relationship within a domain?Here is the classical way to repair trust relationship between the computer and domain:. Reset the computer account in AD;. Move the computer from the domain to a workgroup under the local administrator;. Reboot;. Rejoin the computer to the domain;. Restart the computer again.. What causes the trust relationship between this workstation and the primary domain failed?“The trust relationship between this workstation and the primary domain failed” Error Message. When an AD domain no longer trusts a computer, chances are it's because the password the local computer has does not match the password stored in Active Directory. The two passwords must be in sync for AD to trust a computer.
What does it mean the trust relationship between this workstation?The “trust relationship between this workstation and the primary domain failed” error means that the computer cannot access a network because it is offline, or that it has lost its membership to the Active Directory (AD) domain.
|