none
The trust relationship between this workstation and the primary domain failed + Unknown local admin password

    Question

  • Following a system restore on a Windows 7 workstation, I am getting the error message that "the trust relationship between this workstation and the primary domain failed." I realize that the typical fix would be to login with a local admin account, leave, and then rejoin the domain. Here's the rub... I do not know the password for the local administrator.

    Any advice? Thanks.

    Tuesday, February 07, 2012 4:05 PM

Answers

  • Lost passwords are indeed a pain, however I found this utility to be very helpful, it is a linux based password reset utility. The prompts are easy to follow and everything works in no time!

    For the domain relationship error message, you have the right solution in mind however I will mention the following kb article for better understanding

    http://support.microsoft.com/kb/162797

    Hope this helps,

    Shah

    • Proposed as answer by Shah--Khan Tuesday, February 07, 2012 5:09 PM
    • Marked as answer by EdwardLee Thursday, February 09, 2012 2:38 AM
    Tuesday, February 07, 2012 5:06 PM

All replies

  • Lost passwords are indeed a pain, however I found this utility to be very helpful, it is a linux based password reset utility. The prompts are easy to follow and everything works in no time!

    For the domain relationship error message, you have the right solution in mind however I will mention the following kb article for better understanding

    http://support.microsoft.com/kb/162797

    Hope this helps,

    Shah

    • Proposed as answer by Shah--Khan Tuesday, February 07, 2012 5:09 PM
    • Marked as answer by EdwardLee Thursday, February 09, 2012 2:38 AM
    Tuesday, February 07, 2012 5:06 PM
  • Hi,

    Regarding this is related the password information, you should refer to the following article to see what the suggestion is in this situation:

    What to do if you forget your Windows password


    Alex Zhao

    TechNet Community Support

    Thursday, February 09, 2012 2:34 AM
  • Lost passwords are indeed a pain, however I found this utility to be very helpful, it is a linux based password reset utility. The prompts are easy to follow and everything works in no time!

    For the domain relationship error message, you have the right solution in mind however I will mention the following kb article for better understanding

    http://support.microsoft.com/kb/162797

    Hope this helps,

    Shah


    That utility worked like a charm Shah. Thank you. Got me in as local admin, left and then rejoined the domain, and all is working well again! A little scary what that utility does and how easily it does it though. :-)
    Thursday, February 09, 2012 2:41 AM
  • Glad it all worked for you :)

    regards,

    Shah

    Thursday, February 09, 2012 7:33 PM
  • we've had this problem as well after certain windows automatic updates - the easy trick is to unplug the computer from the network then login as normal.  Once logged in you can easily reset the local admin password to then rejoin the domain.
    • Proposed as answer by mantis2k Thursday, February 16, 2012 5:01 PM
    Thursday, February 16, 2012 5:00 PM
  • Thanks for this tip. I had the same issue with a VM Server.

    If I'd had this issue wih a Win 7 machine, my first instinct would of been to pull the network cable, but being a VM it only occurred to me to remove the network adaptor after reading your post. Now successfully logged in and reset the password

    Mark

    Thursday, March 29, 2012 1:23 PM
  • I don't know if this is helpful to anyone but this happened to me when I moved a virtual machine to a different host! I guess the domain controller got clever and see's the VM as a completely different machine and therefore it has never been added to the domain!

    Ant0

    Tuesday, April 17, 2012 9:17 AM
  • Just had this happen to one of our machines again after doing a system restore to roll back a few days after the machine got a malware infection. Unjoin and rejoin worked fine. A hassle though!
    Tuesday, April 17, 2012 12:44 PM
  • "the trust relationship between this workstation and the primary domain failed." in this error you found when your login time. Rejoining to the domain is the only one solution for to solve. This is happen in case of system restoration or after installing the windows updates. Once you rejoin you can retrieve the all files and same desktop (the same domain profile before you use).
    Saturday, May 26, 2012 8:23 AM
  • This also happened to us recently, after restoring a crashed server. The workaround to the missing local administrator password was to boot the client into safe-mode WITHOUT networking and login as a domain administrator whose password is known. It seems that in safemode, the computer makes no attempts to contact the domain controller and you can reset the local admin password from the control panel just fine. Obviously this is a more niche solution. Our network is extremely small and our security is fairly light - copies of the passwords are cached locally just to prevent a headache should the server have a glitch. However, the local caching seems to be the default for domains so unless you know you've changed that, you may be able to reset your local admin and then leave/rejoin the domain this way.
    • Proposed as answer by david ladowitz Wednesday, August 01, 2012 2:13 AM
    Tuesday, June 05, 2012 4:17 AM
  • Lost passwords are indeed a pain, however I found this utility to be very helpful, it is a linux based password reset utility. The prompts are easy to follow and everything works in no time!

    For the domain relationship error message, you have the right solution in mind however I will mention the following kb article for better understanding

    http://support.microsoft.com/kb/162797

    Hope this helps,

    Shah

    While this post helped the original asker, it is not really the solution to how to resolve the issue when one does not have access to a local admin acct.  Proper answer is from mantis2k
    Friday, July 13, 2012 5:11 PM
  • Rebooting in safe mode without networking let us log in with the domain account!! 


    David

    Wednesday, August 01, 2012 2:14 AM
  • Rebooting in safe mode without networking let us log in with the domain account!! 


    David

    Good to know!

    I had this happen to me again last week. Fortunately, this time I at least had the local admin account enableb. Still pretty irritating though!

    Wednesday, August 01, 2012 2:35 PM
  • There is a warning when using this utility, that encrypted files may not be accessible after pw reset.
    Thursday, August 23, 2012 2:26 PM
  • I dont think I would use that, personally.  But check out this blog:

    http://www.implbits.com/About/Blog/tabid/78/post/don-t-rejoin-to-fix-the-trust-relationship-between-this-workstation-and-the-primary-domain-failed/Default.aspx

    I read that many ppl are finding it useful.  It bogs down to resetting the local admin password.  Im trying it now...

    Thursday, October 04, 2012 7:40 PM
  • Thank you Shan--Khan this has got me out of a lot of trouble!
    Friday, February 08, 2013 9:08 AM
  • Nothing above worked for me...but I figured it out the hard way...hope this helps others

    1/Turn Off Wifi
    2/Plug in a ethernet cable to the router/hub directly connecting the PC/laptop
    3/take the pc out of the domain and put is a temp workgroup then Restart.
    4/login with local admin, put the PC into the domain, then restart.
    5/login with a domain user or domain admin.

    Next time you shall never have a problem...

    The Wificard/Driver for 64 bit machines is the culprit.

    Wednesday, July 17, 2013 5:24 PM
  • Just what I needed. Exact same situation as original posted question. Thanks for the quick and easy solution!!
    Friday, August 02, 2013 5:14 PM
  • 1/ Tell user to Unplug network cable (same effect as booting in safe mode without networking but half the time)

    2/ Get the user to log in as themselves with their Domain credentials

    3/ Get them to reconnect the Network Cable and send you a “Remote Assistance Request”

    4/ Activate Request and go to computers properties

    5/ Change from domain to workgroup (Using Domain Admin Credentials)

    6/ “DO NOT REBOOT” change back to your Domain (Using Domain Admin Credentials)

    7/ Tell User with “chat facility” that you are rebooting the computer and they should log in as usual.

    5 Minutes Tops, never left the IT Office Priceless, Now get back to reading More IT stuff because you can never learn enough

    “Alternatively make it as complicated as possible so they think you are a genius”


    Allan Wood IT Manager MCSE

    Wednesday, July 02, 2014 4:18 PM