The trust relationship between this workstation and the primary domain failed

Question

The trust relationship between this workstation and the primary domain failed

Answer 1

The error message "The trust relationship between this workstation and the primary domain failed" typically indicates that the secure channel between a domain-joined computer and the domain controller has been disrupted. This issue can occur when the machine's password is not synchronized with the domain database or if the computer account in the domain has been deleted or corrupted.

To resolve this issue, you can follow these steps using either Command Prompt or PowerShell:

Command Prompt

1. Sign in with the local administrator account.
2. Open an elevated command prompt window.
3. Test the secure channel with the command:

      netdom verify ComputerName /domain:YourDomainName
   

4. Reset the machine password:

      netdom resetpwd /server:DomainControllerName /userd:Domain\Username /passwordd:*
   

5. Reset the secure channel:

      netdom reset /domain:YourDomainName /userd:DomainUsername /passwordd:*
   

6. Restart your device.

PowerShell

1. Sign in with the local administrator account.
2. Open an elevated PowerShell window.
3. Test the secure channel:

      Test-ComputerSecureChannel
   

4. If the test returns False, repair the secure channel:

      Test-ComputerSecureChannel -Repair -Credential (Get-Credential)
   

5. Reset the computer account password:

      $credential = Get-Credential
      Reset-ComputerMachinePassword -Credential $credential
      Restart-Computer -Force
   

6. After rebooting, follow the steps to rejoin the domain if necessary.

Answer 2

Hi Robinson, Crystal V,

The error “The trust relationship between this workstation and the primary domain failed” indicates that the secure channel between a domain-joined computer and the domain controller is no longer valid. This typically occurs when the computer account password is out of sync with the domain or when the computer account in Active Directory has been deleted, corrupted, or modified unexpectedly.

To resolve this issue, you can repair the secure channel using either Command Prompt or PowerShell, as outlined below:

1. Using Command Prompt

• Sign in using the local administrator account.

Open Command Prompt with administrative privileges.

Verify the secure channel:

netdom verify ComputerName /domain:YourDomainName

Reset the computer account password:

netdom resetpwd /server:DomainControllerName /userd:Domain\Username /passwordd:*

Reset the secure channel with the domain:

netdom reset /domain:YourDomainName /userd:DomainUsername /passwordd:*

Restart the machine.

2. Using PowerShell

Sign in with the local administrator account.

Launch PowerShell as an administrator.

Test the secure channel:

Test-ComputerSecureChannel

If the result is False, repair the secure channel:

Test-ComputerSecureChannel -Repair -Credential (Get-Credential)

Reset the computer account password:

$credential = Get-Credential
Reset-ComputerMachinePassword -Credential $credential
Restart-Computer -Force

I hope this helps clarify the situation. If you find this answer useful, please hit “Accept Answer” so I know your issue is resolved 😊.

Jason.

Answer 3

Hi Robinson, Crystal V,

I hope everything is going well. Have you managed to fix the problem on your side or anythings else I can help with? If the solution worked for you, please consider selecting “Accept Answer” to help others find it more easily. Much appreciated!