How to Fix the Trust Relationship Between This Workstation and the Primary Domain Failed in Windows 10
One of the most common issues faced by system administrators is the trust relationship between this workstation and the primary domain failed issue. Following are a few points to know for the said issue.
How to Fix the Trust Relationship Between This Workstation and the Primary Domain Failed in Windows 10 How to Verify Trust Relationship Between Workstation and Primary Domain Reasons that Cause Trust Relationship Failed Problem Method 1: Enable DHCP Server Method 2: Rejoin Machine from Domain Method 3: Use PowerShell to Fix Domain Trust Relationship Method 4: Add Domain Controller to Credential Manager Method 5: Reset Account Password Method 6: Reset Account Method 7: Perform System Restore
If you combine your PC with any Active Directory domain, a new user account and password have to be set. When you log in to your PC to an Active Directory Domain, a safe channel is established together with the nearest domain controller. The Domain Controller (DC) checks the user credentials and now, the trust is established between your PC and domain if the credentials meet the security policies pre-defined by the company. The password is valid for 30 days (default) and you have to change it after the allotted time. Your PC local account and password credentials will not expire in AD. This is because the Domain Password Policies do not apply to the Active Directory Computer Objects. The interesting fact is that, even if you have not powered on your computer for several months or a year, the trust relationship between the PC and the domain will still be remaining. So, the next time you log on to your domain-connected workstation, the password will be changed at the first login. When this trust relationship breaks for any reason, the trust relationship between this workstation and the primary domain failed no local admin prompt pops up on the screen.
How to Verify Trust Relationship Between Workstation and Primary Domain
To verify the trust relationship between your workstation and primary domain, you have to ensure that the local password of your computer is synced with the domain-controlled computer account password. Follow the below-mentioned instructions to find the same.
Log in to your computer with your local admin account and password. Note: If you face any difficulties in logging into your computer that also uses a domain account, then temporarily disconnect the Ethernet cable. Sometimes, this may allow you to log on to your computer by using cached Active Directory user credentials. Once you have logged in using these cached credentials, reconnect your Ethernet cable.
Now, hit the Windows key and type PowerShell, then click on Open.
Then, type Test-ComputerSecureChannel command and hit the Enter key.
You can also include –verbose switch parameter and hit Enter key.
You must receive The secure channel between the local computer and the domain (company name).com is in good condition. If so, then the trust relationship between the workstation and the domain is good.
Reasons that Cause Trust Relationship Failed Problem
The domain trust relationship failed problem can arise in your computer due to several reasons.
When your workstation is no longer trusted by the domain, you will face the trust relationship between this workstation and the primary domain failed problem. When the local account password credentials of your PC do not match with the object password of your PC in Active Directory, you will face the same problem. If your workstation tries to authenticate the domain with an incorrect password, you will face the discussed problem. It also happens after reinstalling Windows. When your computer is restored to an old restore point or to a snapshot that has an expired machine account password.
Also Read: Fix Intel RST Service Is Not Running in Windows 10 Here is a list of super seven troubleshooting methods that help you fix the trust relationship between this workstation and the primary domain failed issue. Follow the same to attain the best results. Note: Make sure you create a System Restore point to restore your Windows 10 computer when something goes wrong.
Method 1: Enable DHCP Server
If you have recently added a new DHCP server or made any changes to the existing DHCP pool, then continue reading this method. You can assign IP addresses to your host computers in a network, but static or dynamic addressing methods. Few users have reported that the trust relationship between this workstation and the primary domain failed issue arose after adding the DHCP server to the server. This happens when you add the wrong DHCP pool of IP addresses to the host networks. Hence, there is a need to check whether DHCP is working properly as instructed below. Note: Here, steps to check DHCP configurations for Windows Server 2016 and TP-Link TL-ER6120 working with 192.168.1.0/24 IP address are explained. Follow the steps according to your network setup.
Press and hold Windows + R keys together to open the Run dialog box.
Now, type dhcpmgmt.msc and hit Enter to launch the DHCP Management tool.
Now, expand your server to techcult.com\IPv4\Scope.
If you find the DHCP configuration is not configured properly, (192.168.1.0/24 IP address), you have to change the DHCP configuration. Then, to check the DHCP configuration of your router (e.g. TP-Link TL-ER6120), follow the below-mentioned steps.
Make a note of the IP address, Username, and Password of your wireless router. Note: If you do not know how to find the IP address of your router, refer to our guide How to Find My Router’s IP Address? or you can also find the information in the router manual.
Now, launch any browser and type the IP Address of your router in the address bar.
Now, type your router credentials and log in.
Then, navigate to the Network tab and select LAN from the left pane.
Now, switch to the DHCP tab and make sure DHCP Server is enabled. Check the DHCP addresses and click on Save if you made any changes.
Method 2: Rejoin Machine from Domain
Re-joining a machine or workstation from a domain is a potential fix for trust relationship between this workstation and the primary domain failed error. All you need is a Domain Administrator account that has all the rights to add or join any machine from the domain. Note: In this article, we have demonstrated steps to re-join Windows 10 Pro using a Server 2016 machine. You can also follow these steps with other client and server OS either from a Windows XP or Windows 8 machine using Windows Server 2003 or 2012 R2.
Sign in to your Windows local admin account and press Windows + E keys together to open File Explorer.
Then, click on This PC from the right of File Explorer and select Properties.
Then, search and click on View advanced System Settings and switch to the Computer Name tab.
Now, click on the Change… button.
Then, in the Computer Name/Domain Changes window, select the Workgroup radio button and type the name whatever you like.
Then, click on OK to save the changes.
In the next Windows Security prompt, type your Administrator account credentials and click on OK.
Confirm the next successive prompts by clicking on OK and exiting the System Properties windows.
Reboot your machine and log on to your Windows 10 domain user account. Check if you have fixed the trust relationship issue between your workstation and domain. Also Read: Fix The Active Directory Domain Services is Currently Unavailable
Method 3: Use PowerShell to Fix Domain Trust Relationship
This is another potential method that will help you fix the domain trust relationship PowerShell. It helps you establish the trust between the client and workstation. For this, you must need a local administrator account. Follow as instructed to fix the trust relationship between this workstation and the primary domain failed Windows 10 issue.
Log on to your Windows 10 local admin account.
Now, press the Windows key and type PowerShell, then click on Open.
Now, type $credential = Get-Credential command and hit Enter key.
Then, type your domain account password credentials and click on OK.
Then, type Reset-ComputerMachinePassword -Credential $credential command and press the Enter key.
Now, exit PowerShell and reboot the PC.
Then, log on to Windows 10 domain account and check if you can fix domain trust relationship PowerShell.
Method 4: Add Domain Controller to Credential Manager
With this method, you can fix the discussed issue by adding a domain controller account in Credential Manager. Follow the steps as instructed in Windows 10 PC.
Log on to your Windows 10 local admin account.
Now, hit the Windows key and type Credential Manager. Then, click on Open.
Then, click on Windows Credentials as depicted.
Then, click on Add a Windows Credential link as depicted.
Now, type the Internet or network address, along with your Username and Password credentials and click on OK.
Now, close all the Credential Manager windows and reboot your computer.
Finally, Log on to your Windows 10 domain user account and check if you have fixed the trust relationship issue between the workstation and domain. Also Read: How to Fix Error 0x80300024
Method 5: Reset Account Password
If you are using Windows Server 2003 and Windows Server 2008 R2, continue reading this method. Users using other versions of server OS, please skip to the next troubleshooting method. In this method, you will learn how to reset the machine password on Windows Server 2008 R2. Resetting the password will help you fix the trust issue in most advanced cases.
Logon to your domain admin account and hit the Windows key.
Press the Windows key, type cmd and click on Open as depicted.
Now, type netdom resetpwd /s:server /ud:domain\User /pd:* command window and hit Enter key. Note: Here s is the domain server name, domain is domain name and user is the conflicting user account.
Now, close all the windows and restart the PC.
Then, log on using domain user account and check if you have fixed the trust relationship between this workstation and the primary domain failed no local admin issue.
Method 6: Reset Account
Another simple and potential troubleshooting method that will help you fix the trust relationship between this workstation and the primary domain failed no local admin issue is resetting your computer account using a tool that is integrated with Active Directory Domain Services.
Press and hold Windows + R keys together to open the Run dialog box.
Now, type dsa.msc in the box and hit Enter key to open Active Directory User and Computers.
Now, expand to your domain, for example, techcult.com
Then, double-click on Computers and navigate to your conflicting user account that causes the problem.
Now, right-click on this user account and select Reset Account.
Confirm the prompt by clicking on Yes followed by OK and close the Active Directory User and Computers windows.
Finally, restart the PC and log on to your domain user account. Also Read: Fix Device Not Migrated Error on Windows 10
Method 7: Perform System Restore
If there are any incompatible Windows update components in your computer, your PC will not work as usual it does. So, restore your computer to a state where everything was working fine. Here are some instructions to restore your PC to fix the trust relationship between this workstation and the primary domain failed Windows 10 issue. To do so, follow our guide on How to use System Restore on Windows 10 and implement the instructions as demonstrated.
After restoring your Windows 10 PC, check if can use your Windows machine connected to the domain without any errors. Recommended:
Fix Samsung Internet Keeps Opening By Itself Fix Windows Store Error Code 0x80073CF3 Fix Not Enough Storage is Available to Process this Command Fix Private Internet Access Won’t Connect in Windows 10
We hope that this guide was helpful and that you could fix the trust relationship between this workstation and the primary domain failed issue in your device. Let us know which method worked for you the best. If you have any queries/suggestions regarding this article, then feel free to drop them in the comments section.