none
The trust relationship between this workstation and the primary domain failed.

    Question

  •  

    Hi guys,

     

    I've been running Vista Enterprise for about 3 months in a Windows 2003 Native mode domain.  Randomly, my Vista machine will be unable to authenticate to the domain.  I will not be able to RDP to other machines, my proxy authentication (ISA) will fail, network mappings will not work, etc.  If I log out and try to log back in, I get:

     

    "The trust relationship between this workstation and the primary domain failed."

     

    on my login screen.  The only fix is a full reboot.  Everything in AD looks OK.

     

    I also found an event log entry for NETLOGON, EventID 3210:

    This computer could not authenticate with (DOMAINCONTROLLER), a Windows domain controller for domain (DOMAIN), and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator.

     

    I'm going to try deleting my computer account and rejoining the domain.

     

    Any other suggestions?

     

     Joe K

    Friday, September 07, 2007 2:42 PM

Answers

  • First some basics you most likely already know.

    1. Computers are security principals just like users

    2. Computers authenticate to the domain on startup

    3. Computers change their password every 30 days by default

    4. Restore Points restore the computer password present at the time of the restore point

    5. If the local password and the domain password are not the same the computer must re-join the domain

     

    6. None of these things seem to be the issue here.

     

    IF you have not already, I suggest filing a bug report. Do not expect Microsoft to find these issues here, they must be reported.

     

    Monday, December 10, 2007 11:51 PM

All replies

  •  

    OK deleting the computer account and rejoining the domain didn't help.  Most of the people having this problem solved it by rejoining... I'll keep looking.
    Tuesday, September 11, 2007 1:55 PM
  • I hope someone from Microsoft is watching this, maybe for SP1.  I am seeing this happen around the Internet, so they should know by now.  For my situatuion, I am running Vista Business on a 2003 AD.  I receive the error message, "the trust relationship between this workstation and the primary domain failed" usually when I am using RDP or Remote Desktop.  I remote from another Vista PC.  If I go back to the PC in the office and log in everything is fine.

     

    I have removed the office PC from the domain and rejoined.  I have even renamed the PC during one remove and rejoin.  But I still get the message when connecting remotely.  I created a second local account with administrator priveledges, but not I thing something has removed it from the Administrators group as it is no longer working.  Probably due to the domain join process.

     

    Other complaints related to this message come from users that have used a system restore point, or have tried to use the same computer name on the domain for their Vista and XP PCs.  I have not done either of these.  The system restore point cause makes sense, but in my opinion should not happen either.

     

    Basically Vista is now not usable for me and I was the one "bleeding edge" user in my organization that was willing to try Vista as my primary desktop OS.  I work remotely and this issue has removed that capability.  I hope to see this fixed with SP1, if not I probably will not be coming back to Vista for a long time.

    Friday, October 26, 2007 7:43 AM
  • Hi Folks,

    I am exeperiencing the sam issue described at least twice a day. I have tried all the suggestions on the internet ie re-join domain, change password, remove/add computer name etc etc...

     

    Nothing seems to work. I am starting to think that it may be my wireless connection.... I am using netgear WNR854T router with an Atheros AR5008x client...I am wondering if others who have experienced this problem have a similar environment?

     

    Monday, December 10, 2007 10:58 PM
  • First some basics you most likely already know.

    1. Computers are security principals just like users

    2. Computers authenticate to the domain on startup

    3. Computers change their password every 30 days by default

    4. Restore Points restore the computer password present at the time of the restore point

    5. If the local password and the domain password are not the same the computer must re-join the domain

     

    6. None of these things seem to be the issue here.

     

    IF you have not already, I suggest filing a bug report. Do not expect Microsoft to find these issues here, they must be reported.

     

    Monday, December 10, 2007 11:51 PM
  •  

     

    Thanks...well aware of the basics. If you read the following http://blogs.technet.com/asiasupp/archive/2007/01/18/typical-symptoms-when-secure-channel-is-broken.aspx you will see why i suspect it may be the wireless network temporarily losing the network connection during the sync process...

     

    Quote from link above

     

    "If there are problems with system time, DNS configuration or other settings, secure channel’s password between domain members and DCs may not synchronize with each other. AD replication issue, other electronic problems may cause secure channel broken to member servers. To DCs, the secure may broken due to communication issues."

     

    Tuesday, December 11, 2007 4:09 AM
  • Below are some other suggestions from Eventid.net. I know that this is not XP, but interesting that Anti-Virus can potententially cause this.

     

    This may occur if "Restrict Anonymous" was set through Group Policy. See KB281733 to fix this problem.

    This problem can also occur if you are using F-Secure Anti-Virus version 5.3 on Windows XP, because F-Secure Anti-Virus version 5.3 is not compatible with Windows XP. See KB831348 for more details.

     

    Wednesday, December 12, 2007 6:01 PM
  • Interestingly, this issue only started occuring in my environment when i upgraded my laptop firmware causing me to re-activate Vista with a new authorisation key.

     

    I have noticed two intriguing events prior to every event 3210:

    1. Software Licensing Services (SLC - security licensing events 901 902 & 903) stops and restarts

    2. Desktop windows manager has exited (event 9009)

     

     

     

    Monday, December 17, 2007 5:42 AM
  • I have the same problem since I upgraded my BIOS.

     

    I have a Dell Latitude D630 and took the BIOS from revision A02 to A05.

     

    After the new BIOS had loaded I rebooted my machine and was able to use it for 30mins or so with multiple Drive mappings, multiple MSTSC's, connections to the internet and Exchange then all of a sudden "bang" a load of error messages saying all my MSTSC connections had closed, I couldn't ping anything and now I'm stuck.

     

    I cant roll back the BIOS.

    I have updated the Intel Chipset & Network Card Drivers and still cant connect.

    I have removed the computer account from AD and tried to rejoin with the same name - still cant connect.

    I have renamed the laptop, moved it to a workgroup, rebooted, joined domain again - this time it joined the domain successfully (computer account with new name exists in AD) but I still have no network connectivity (in the Network and Sharing Centre it says I am connected to an 'Unidentified Network')

     

    Is this a SID issue?

    Can I create a new SID or does renaming the PC create a new SID (or does it simply provide a new name to the existing SID)?

     

    Please help I am desperate

    Dazman98

     

    Friday, December 21, 2007 5:41 AM
  • How are you able to join the domain without network connectivity? I think this is not possible. I would suggest uninstalling and re-installing the NIC.

     

    Can you ping the DC? can you use NSLOOKUP successfully for local and/or internet names? How is your DNS configured on the client? Is it pointing to a DNS server authoritive for your domain?

     

    Thursday, December 27, 2007 9:31 PM
  • Ok this may be the answer....previously i've been exeperiencing this problem at least twice a day and now it been 20 hours without an issue.....

     

    I found this link http://support.microsoft.com/kb/888926/en-us and even though i don't use ISA I went through the Step 1 to cleanup my certificates and what i did find was interesting:

     

    1.) SBS 2003 places the computer certificate into 'Remote Desktops - Certificates' which is not valid under vista

    2.) I copied the certificate to 'Trusted Root Certification Authorities - Certificates' and rebooted.

    3.) Now been 20 hours without issue....lets hope this is it???

     

     

    Sunday, December 30, 2007 3:23 AM
  • Sorry Folks, this didn't work....back to losing the trust relationship....This is one weird problem.

    Sunday, December 30, 2007 10:43 PM
  • Yes I got the same message when I tried to login, I "just get out from domain and rename the PC and rejoin to the domain" now it's working perfectly...
    Wednesday, January 02, 2008 8:03 AM
  •  

    Hey guys the problem has disappeared after I applied the latest Vista and SBS 2003 patches released Thursday 10 Januart 2008.

     

     

    Friday, January 11, 2008 9:22 PM
  • Four days without rebooting!!!! Yeah, i think it fixed.
    Monday, January 14, 2008 2:57 AM
  • Mike, I've been seeing this same problem between Server 2003 RC2 and several Vista Ultimate/Business workstations.  Sounds like you might have found a fix.  Do you happen to know the KB #'s for the "Jan 10 2008" fixes you loaded?  I can't seem to find them available on either the Vista or 2003 boxes.
    Monday, January 14, 2008 7:54 PM

  • I am running Vista Enterprise w/ Service Pack 1 and Windows Server 2003 SP2 with all the updates...I am still having this issue!!!  Any ideas?
    Tuesday, January 15, 2008 10:28 PM
  •  

    These are the fixes i applied:

     

    Vista Ultimate: KB943411, KB943899, KB943302, KB941644, KB935509 ( I think 935509 is the key fix because it has something to do with SP1 for Vista)

     

    SBS 2003 Standard : KB943485, KB941644

     

    All working wonderfully well. Almost a week without a re-boot yeah!!!

    Wednesday, January 16, 2008 1:41 AM

  • Well, I unistalled SP1 RC from Vista and Installed  KB943485, KB941644 on my servers and I am now able to log in....tis is a really weird issue.

    I hope this is not just coinscidence....maybe
    those two updates really fix the problem...I guess we will find out. 

    Thanks for the tip Mike!
    Wednesday, January 16, 2008 4:29 PM
  • hey guys,

     

    i installed all the service updates and it still hasnt worked.  any ideas why this would not take effect???

     

    Monday, February 25, 2008 12:19 PM
  • have you got a link or know which updates you applied? i have tried several updates and have got no where.

     

    Monday, February 25, 2008 12:31 PM
  • Guys,

     

    This is indeed a strange issue, I have had this start happening once I installed SP1 and after I RDPed to my workstation.  Both Machines run Vista x86 SP1. 

     

    I have done the usual disconnecting from AD and back to AD again, but a short time later I lost the Trust Relationship again.

     

    As per everyone else with this issue, any help would be appreciated.

     

    Marcus.

     

     

     

    Monday, February 25, 2008 11:12 PM
  • remove the user  make sure the date\time is correct adn re-join the network see if that works

     

    Friday, June 20, 2008 1:56 PM
  • Here is something that will cause this:

     

    Many of us have been accustomed to flushing the Prefetch cache since Windows XP to periodicially improve preformance. In Vista, there is an additional folder in C:\Windows\PreFetch called "ReadyBoot". Do not delete this folder. If you do (and you are in a domain), you will get the above error. This sounds odd, but it happened to me, and it is reproducable.

     

    Sunday, June 29, 2008 3:50 PM
  • Hello, I am experiencing the same problem without any good resolution. I have Vista business and SBS 2003. What is different from many other users is that when I recieve the problem (happens immedietly after I've been logging in to the domain with my username on any other computer) is that it doesn't disappear at all. I have to make a systemrestore every time it happens. Now after the summer it has been more than 30 days and a systemrestore doesn't work. I just log into my computer without networkconnection and then connect to the network, not a very good resolution though..

    Even if it's my personal useraccount that makes this happen, it effects all the other accounts like the local administrator and the domain administrator. The readybbot-folder is still there and I'm going to switch computer and rejoin the domain, see what happens. Maybe someone have some use of the information. I'll get back after switching to my old XP computer.

    Wednesday, August 06, 2008 10:01 AM
  • Hi everyone. I'm having the same problem in a different flavor.

    Here's the scenario:

    My machines have been running Vista Business smoothly -well as smooth as it gets with Vista- and were connected with no server.

    Yesterday I setup SBS 2003 R2 Premium, created domain, user accounts and added computers. At first I had some problems in connecting the computers using http://domain/ConnectComputer, but eventually it worked on a couple of machines, so I decided to get done with these first before continuing with the rest.

    Now I can't login to the domain from the first screen. I get the same message -trust relationship. I logon to my station normally. I deleted the users AND the computers, recreated them and tried again, still can't login. It's not that I login then disconnect. I can't login in the first place.

    I went to my network, I can see the server. Double clicked on it, authenticated normally and accessed the folders. Nevertheless, I still can't login to the domain!!!

    Reading all the above, I updated to SBS SP2, connected via cable instead of wireless, deleted user accounts and computers then readded them, and restarted both server and client several times. None of this worked.

    Any advice?
    Saturday, August 09, 2008 9:38 AM
  • Also getting the same problem, various laptops running Vista and XP. Only occurs on those laptops not fixed PC's.

    Multiple windows 2003 Servers R2.

    Must be related to the use on /off -line.

     

    All updates applied. Tried removing accounts, looging off line and rejoining. This fixes problem bou only for a short while.

     

    Any suggestions?

     

    Wednesday, August 27, 2008 7:08 AM
  • Folks,

     

    Just an update on this nagging issue.  After some testing a few weeks back by setting up a Virtual DNS Server and Virtual environment remote from our own Network, it is something to do with the configuration of the corporations DNS which seems to be the culprit.  The virtual network worked correctly.

     

    Until my organisation officially supports Vista, I and a few others (whom haven't applied SP1) are in limbo and the multi reboot fun.

     

    Once I/we have a resolution I will pass on what I know.

     

    Marcus.

     

    Thursday, August 28, 2008 4:54 AM
  • Did anyone find a fix for this?  I'm having the same issue with two Vista Business laptops.
    Thursday, September 18, 2008 10:20 AM
  • Has there been any updates to this?  I have a Vista SP1 machine with full patches on a Server 2008/2003 AD domain (no SBS) that is also fully patched.

    Unfortunately, I left the local admin off by default on the machine, so I can't do anything there to test.

    If there is a solution tht anyone has, I would LOVE to hear it.  Everything I've run across hasn't worked.
    Wednesday, October 29, 2008 6:53 PM
  • I ran into the same problem this morning. The solution for me was take the PC off the domain and join it back to workgroup. I deleted remaining entries from AD and DNS before joining the computer back to the domain. Seems to be fine now. The environment in my case is XP SP3 on the client with a W2003 Standard PDC.

    Friday, November 07, 2008 3:26 PM
  • I am a technical instructor who runs two classrooms on a Vista Enterprise network. We also have Microsoft SteadyState installed on all of the classroom workstations. Recently, we have been having this same issue. Once or twice a week, at least some of the computers in the classrooms won't allow login and dispaly the message:

    "The trust relationship between this workstation and the primary domain failed."

    Some in my organization have suggested that perhaps Microsoft SteadyState is the culprit, but I have my doubts. Does anyone else who is experiencing this problem have SteadyState on their machines?
    Friday, February 20, 2009 6:13 PM
  • OK, I just solved this problem on a Server 2008 SP2 (AD) and Windows 7 x64 RC (desktop) couple...

    ...RDP'd to the DC then tried to RDP to the desktop - to no avail, the evil "trust relationship" came up. Local desktop logins worked and someone else confirmed it's still working inside the office...

    ...so I disjoined the domain, restarted the desktop, deleted its computer acc in AD, whenn it came online again rejoined the domain (you can use the same name, once it's deleted it's gone - it should ask for it during the join, remember), restarted and voila': now all designated domain user logins work via RDP from the DC.:)

    Maybe I'm just lucky but it did not work at all before.
    Tuesday, July 28, 2009 4:54 AM
  • I also resolved the problem ... in my case the problem occured because the machine with two os (win7 x64 prof & winxp prof) has both the same computer name. After changing the name in win7 to a free computername, the problem has been solved :)
    • Proposed as answer by ill wizard Monday, March 29, 2010 3:55 PM
    Friday, February 19, 2010 11:23 AM
  • I have also been experiecing the same issue, apart from after a bit of testing found it only happened to one AD user.

    Removed from the domain

    Log in as Local Admin

    Delete the account from C:\Users and the registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

    Restart machine

    Rejoin the domain

    Been working fine ever since.

    Monday, March 29, 2010 4:00 PM
  •    Today i encounter the similar issue,  when i try to access another computer that is a domian member of our domain tradestead.com, it prompt me the same error, luckily after i followed the steps listed below, http://support.microsoft.com/kb/162797  the problem was gone,

    tradestead

    Thursday, April 08, 2010 5:12 AM
  • I had to remove myself from the domain.  Change the computer name.  And then get back into the domain.  I also deleted the domain object is active directory users and computers.  That solve this issue for me.
    Friday, May 07, 2010 9:12 PM
  • yeah for the same issue i did same as m swillis5 but no change the computer name , just deleted used from the domain and created same with same credentials... and join the pc again to domain ... it working...fine...till... now... since 8 months...
    Saturday, July 10, 2010 9:09 AM
  •      I have the same problem in out enterprise enviroment.  We resolve the local issue on the PCs, by taking the PC from the domain to local admin account, change the sid, erase the pc name from computers in ad, and rejoining back on the domain.  We had one PC which needed this done twice the rest were good after one time.  the problem is this happened to about 20 PCs(out of about 800), and since we can't figure out the cause, i'm afraid it will continue to grow.  I followed this tread, and pretty much all  was followed(updates were done, unique names, sysprep part of our imaging process...). 

         We did add another 2 new domain controllers, Windows server2010, to our enviroment, and all the issues so for are only on out windows7 PCs.  the new domain controller servers were added to our colocations in preparation for our final move to this loaction where the old DCs will be retired.

     

    any ideas where to start looking?  any suggestion?  on the server the error log shows the generic error about not being able to resolve the name at the moment they get kicked out, but what is the root cause of this issue? 

    Monday, July 19, 2010 9:22 PM
  • I had this issue several years ago because of the imaging process.  It was the SID that was duplicated.  I used the SID tool that Microsoft used to have to download  but I'm not sure if it is still available.    Once it is out of the domain though, you would still have to rejoin after you run the SID tool.
    Wednesday, August 11, 2010 7:46 PM
  • This worked for me too,

    thanks guys!

    1 question - why did you change the computer name when you'd deleted the object from AD anyway?

     

    Thanks again for the assist here - took 30 mins, instead of  "I don't know how long" otherwise.

    Much appreciation from Ireland!!!

     

    :D

    Thursday, August 12, 2010 9:38 AM
  • I'm having the same problem as well in my company but would like to know what is the main cause of this as i suspect might be the wireless router is the root cause for no trust relationship
    • Proposed as answer by Mike Santiago Wednesday, November 10, 2010 8:32 AM
    Thursday, November 04, 2010 2:09 AM
  • I have the same issue, after I reinstalled our backup server for windows 2000 server. I am not sure if it has something to do with it because I never encountered this issues before.

    However, I have luckily resolved this by rejoining in the domain. First I removed from my domain, going back to ordinary workgroup.

    Then join the domain again.

    I change my DNS IP settings pointing to my primary domain controller. After successfully joining the Domain I reset the DNS IP to Obtain DNS automatically.

    I don't have problem rightnow but I am not satisfied with this sulotions for I am sure I am doing the same process everytime I add a client computer in our domain.

    Never encountered since I reformat our backup server. And another thing is I have issues on AD replication too.

    Wednesday, November 10, 2010 8:44 AM
  • Experienced the same issue.

    Re-ran the Network ID wizard to re-associate the PC which worked.  Why the PC is not renewing it's kerberos ticket when it expires is the next question?
    Thursday, January 27, 2011 7:59 AM
  • Experienced the same issue.

    Re-ran the Network ID wizard to re-associate the PC which worked.  Why the PC is not renewing it's kerberos ticket when it expires is the next question?


    Yess... thanks a million.
    had the same issue here; didn't want to go through rejoining my domain, since everything was in place.

    I have a Win2008 AD domain, and a Win 7 pro workstation - in which I had this issue.
    Unplugged the network cable, logged on with (the same) cached credentials, and ran the network wizard when the network cable is back in place... this went just fine, rebooted with the network cable in place, and now I could logon without a problem.

    Thursday, March 03, 2011 8:46 AM
  • Hi guys...

    Had the same issue.....Problem fixed using the following simple steps;

    1) Logon the problem machine with local administrator account

    2) unjoined the machine form the AD domain

    3) on the AD server, delete the machine account thumbstone

    4) log back on the problem machine with local administrator account

    5) join back the AD domain

    et voila!......

    problem solved....worked great for me ;-)

     

    Wednesday, May 25, 2011 2:40 PM
  • Hi guys...

    Had the same issue.....Problem fixed using the following simple steps;

    1) Logon the problem machine with local administrator account

    2) unjoined the machine form the AD domain

    3) on the AD server, delete the machine account thumbstone

    4) log back on the problem machine with local administrator account

    5) join back the AD domain

    et voila!......

    problem solved....worked great for me ;-)

     


    Easy enough solution for one or two machines, but what do you do if you have a site that covers a metropolitan area and you have 30-40+ machines that drop out DAILY?! I need to to know what variables contribute to the password mismatch. I understand that it happens but how can I prevent it from happening?! Anyone?
    Tuesday, June 14, 2011 7:23 PM
  • All of this is well and good... but what if you get the same error when logging onto the "local" administrators account? When logging on to the local admin account it shouldn't even be looking for a domain controller?? Furthermore, if I pull the cable out of the machine and try to logon to the local admin account, I get " There are currently no logon servers available to service the logon request".

    So how do you fix the problem if you can't get into the local admin account??

    I'm using Windows Server 2008 Std. for DC

    and Windows 7 Professional for Workstation.... so this is definately not a Vista problem!!

    Monday, June 27, 2011 2:54 PM
  • Ok... I was using the wrong computer name when logging in local admin... I am now fixed until it does it again somewhere else...
    Monday, June 27, 2011 6:17 PM
  • We've been experiencing similar issues in our office.

     

    I found that computers had been pulling incorrect Group Policy.

     

    1.) gpedit.msc

    2.) Computer Configuration --> Windows Settings --> Security Settings --> Local Policies --> Security Options

    3.) Find where it says "Network security: Configure encryption types allowed for Kerberos"

    4.) Check ALL of the boxes (or whichever kerberos encryption types your enterprise uses)

    5.) Reboot, and fixed!

     

    Hope this helps someone.

    Friday, July 08, 2011 12:45 PM
  • Are all these Server 2008 R2 running Native? And, has anyone tried installing SP1?

    Kerberos encryption is not an issue.

    Rejoining domain did not fix issue.

    Removing Accounts and recreating did not fix it.

    SID are not an issue because we are using PXE boot not imaging.

    Suspicion about accounts maybe stemming from an old 2003 templet, but not sure.

    Right now we are removing the 3 old 2003 DC from our network, and upgrading our other 8 DCs to SP1.

    Monday, July 11, 2011 4:01 PM
  • Long time reader, first time poster. I made an account just to post my solution, and usually I never respond. But to see so many conflicting reports on how to fix this, I wanted to throw in my helpful fix that finally worked for me under WinXP and Win2003 DC. Thanks to woodmouze

    1. Unplugged the network cable, so it logged on with (the same) cached credentials. I logged on as the Local Administrator.

    2. Under System Properties, under Computer Name, goto Network ID.

    3. Ran the network wizard with the network cable still unplugged.

    4. Right after you type in your credentials under the User Account and Domain Information screen, I plugged the network cable back in.

    5. It asked me to verify again with my Administrative account to my domain, it took it!

    6. Rebooted, and everything worked again! Reconnected to Domain without any issue.

     


    • Proposed as answer by Raymond-R Thursday, September 29, 2011 8:34 AM
    Wednesday, August 03, 2011 7:35 PM
  • Bauer52x,

     

    I just had this issue and tried your fix from above and it worked.  Thanks for posting it.  Has the machine you had this happen to been working fine for you?  I see you posted 5 days ago so I'm wondering if all is still well for you.

     

    Thanks,

     

    Mike

    Monday, August 08, 2011 3:06 PM
  • Thanks man.  I searched everywhere for a solution.  Yours worked.  Many thanks, I won't have to get up early on Monday morning to fix this. 
    Sunday, September 11, 2011 1:47 AM
    • Proposed as answer by BMan_au Friday, November 25, 2011 3:08 AM
    Thursday, September 15, 2011 9:06 PM
  • I had the same issue with my win 7 box I resolved it by unplugging the network cable from the computer, logged on with the cash account reconnected the computer to the network then readded to the domain. restarted and had no issues with trust.
    Friday, November 18, 2011 3:31 PM
  • HI TO ALL,

     

    I HAD THE SAME PROBLEM, BUT IN MY CASE AND PROBABLY IN MUCH OF YOURS.... THE PROBLEM IS THE ANTIVIRUS SOFTWARE, HERE WE USE SYMANTEC AND WHEN I DISABLE IT (PERMANENTLY)  THE MACHINE CONNECT  AND AUTENTICATE FINE TO THE DOMAIN.

    THEN WHEN LOGGED IN THE MACHINE WITH DOMAIN CREDENTIALS I REENABLE THE ANTIVIRUS SOFTWARE.

    WUALAAAAA!!!!!  ALL IS PERFECT.

     

    I HOPE BE USEFULL.

    jrober2p

    jrober2p@hotmail.com

     

     

    Friday, February 03, 2012 6:01 PM
  • Bauer52,

    Thanks for posting. This worked succesfully for the below:)

    The trust relationship between this workstation and the primary domain failed.

    Thanks,

    Bala...

    Wednesday, March 21, 2012 1:06 PM
  • Faced the same issue and it got resolved by taking my windows 8 computer off the domain and then rejoining it back while logged in as local administrator.
    Sunday, October 14, 2012 3:49 AM
  • For detailed analysis:

    http://siberblog.org/index.php/the-trust-relationship-between-this-domain-and-the-primary-domain-failed/

    http://siberblog.org/index.php/active-directory-analysis-the-trust-relationship-between-this-domain-and-the-primary-domain-failed/

    Tuesday, October 30, 2012 8:07 PM
  • I have recently encountered the same issue when I restored a backup copy of my VM.  And to resume login to my machine, I have used the following command while logging in as the default local administrator:

    netdom resetpwd /s:<AD Server> /ud:<DOMAIN>\Administrator /pd:*

    More information on the above command can be found here:

    http://support.microsoft.com/kb/325850

    HTH

    Sunday, March 10, 2013 4:36 PM
  • Nothing above worked for me...but I figured it out the hard way...hope this helps others

    1/Turn Off Wifi
    2/Plug in a ethernet cable to the router/hub directly connecting the PC/laptop
    3/take the pc out of the domain and put is a temp workgroup then Restart.
    4/login with local admin, put the PC into the domain, then restart.
    5/login with a domain user or domain admin.

    Next time you shall never have a problem...

    The Wificard/Driver for 64 bit machines is the culprit.

    Wednesday, July 17, 2013 5:29 PM
  • http://implbits.com/About/Blog/tabid/78/post/don-t-rejoin-to-fix-the-trust-relationship-between-this-workstation-and-the-primary-domain-failed/Default.aspx

    Just change your computer password using netdom.exe!

    netdom.exe resetpwd /s:<server> /ud:<user> /pd:*

    <server> = a domain controller in the joined domain

    < user> = DOMAIN\User format with rights to change the computer password

    Thursday, December 19, 2013 2:56 PM
  • I was able to resolve this issue by finding out that there are 2 PCs in the environment with the same PC name. We were temporarily able to resolve this issue by rejoining the domain process. Permanently by figuring out there were 2 users who were experiencing the same issue whenever they would try logging in and by chance I noticed both had same computer name.

    We were able to contact our AD admin. who was able to delete 1 of the computer name in AD and recreate it, which resolved the issue.

    Hope this helps someone.

    Thursday, December 19, 2013 5:16 PM
  • Long time reader, first time poster. I made an account just to post my solution, and usually I never respond. But to see so many conflicting reports on how to fix this, I wanted to throw in my helpful fix that finally worked for me under WinXP and Win2003 DC. Thanks to woodmouze

    1. Unplugged the network cable, so it logged on with (the same) cached credentials. I logged on as the Local Administrator.

    2. Under System Properties, under Computer Name, goto Network ID.

    3. Ran the network wizard with the network cable still unplugged.

    4. Right after you type in your credentials under the User Account and Domain Information screen, I plugged the network cable back in.

    5. It asked me to verify again with my Administrative account to my domain, it took it!

    6. Rebooted, and everything worked again! Reconnected to Domain without any issue.

     



    Hi,

    I had same problem on windows 8 installed on Hyper-V  (server 2012), it was very good suggestion. since it was on virtual machine, I unplugged the VM Network Cable by disconnecting the win8's Network adapter from Virtual Switch. by this solution I did not interrupt other VMs.

    Thanks again for your solution.
    Wednesday, January 22, 2014 10:51 AM