FIX: Windows 7 Login Error "The trust relationship between this workstation and the primary domain failed."

Recently, my workstation was suddenly unable to logon to my Windows 2008 domain. After entering my domain username and password at startup, I was presented with the error: “The trust relationship between this workstation and the primary domain failed.”

Ahh, I’ve experienced something similar before and I knew I’d have to rejoin the domain. I hoped and prayed that my user profile wouldn’t be recreated and fortunately, I found a solution that not only worked, but my profile stayed the exact same:

My Computer -> Properties -> Advanced System Settings -> Computer Name -> Network ID… -> This is part of a business network… -> My Company uses a network with a domain -> Next -> Enter your domain username and password -> “An Account for this computer (“COMPUTERNAME”) has been found on the domain “DOMAIN.” Would you like to use this? Yes -> Add the following domain user account (the one you usually logon with) -> Administrator (if that’s how you roll) -> Finish -> Restart.

For those of you looking to resolve your trust issues, I hope this works for you as seamlessly as it did for me.

Posted in Active Directory, Windows
36 comments on “FIX: Windows 7 Login Error "The trust relationship between this workstation and the primary domain failed."
  1. Mark Tigris says:

    I had this problem as well, it was fixed once by flushing the DNS and rebooting, the second time I had to delete the computer from AD and rejoin it back to the domain.

  2. Clement says:

    I tried this but received a message stating access denied. I’m logged in as the administrator trying to add my regular user account…any ideas?

  3. Johnny A says:

    What do you do when you can’t even log on locally? Yes I tried the local administrator and a second local administrator.

  4. Gert Breed says:

    Plug out you network cable, use you credentials and wait for it to log on. As soon as it has logged on, plug the net cable back in. Then rejoin or apply hotfix…

  5. Adam Painter says:

    Had a similar problem when a client did a system restore on a Windows 7 PC. Logging into the domain with the cable unplugged worked a treat and the system restore was then able to complete.

  6. Ivan says:

    I had this problem as well, when two workstation with windows 7 ,when try need share folder to another windows 7 with domain (exp:computer name) got error The trust relationship between the primary domain and the trusted domain failed, any idea how to fix this ?

  7. David Brin says:

    Fantastic! I upgraded a Windows 7 client and ran into this error. I was only able to login in Safe Mode but your trick worked like a charm using the same profile. Odd glitch. Thanks for the fix.

  8. evgeni says:

    The easyest way is to rejoin the domain but the trick is that you have to change computer name olso . that fixing the problem

  9. Trent Townsend says:

    Thanks! Great fix without having to recreate/migrate profiles!

  10. Godliving says:

    Thanx Chrissy this worked out for me as well.

  11. Guest says:

    I had brought my work pc (normally connected from home's wireless using work vpn) from home back to the office & got this error when trying to login. I had wifi on while connected via ethernet. I turned wifi off, & was able to login to the network. I opened a CMD prompt & ran "gpudate /force" & it completed successfully. So guessing the dual connection (wifi & ethernet) was somehow conflicting the credentials to the domain.

  12. Hans says:

    Brilliant ! Worked for me.

  13. Bheemaraya Totad says:

    Thanks

  14. Erwin says:

    how about windows server 2008 R2? i have same problem while logon to domain from my windows 2008 server. please help me? i can't found network id in computer name of advanced system setting.

  15. LairBair says:

    Thank you! this worked great!

  16. Rich says:

    The big issue here is whether or not you can log in locally. One thing to check is the computer account in Active Directory. Without disjoin/rejoin, you could find that the computer account itself has been disabled. Enable the computer account and try again.

  17. this problem may fixed by renaming the domain
    the steps as follows

    pluged out the n/w cable then log into the system as administrator
    riht click and take the properties of my computer
    change setting of comuter bname,domain
    on cloputre name tab click change
    convert it tnto work group
    restart the system
    login using local administrator account
    change the setting again from workgroup to domain
    give a computer name and domain name
    if the doian is exist the system is added to the domain on the next restart
    then you can login into the system without any errors

  18. Kathy says:

    It worked!

  19. Paul says:

    Thank You! This fix works when removingadding to the domain fails to resolve the issue!

  20. guest says:

    Thank you very much. This completely solved a trust issue that I was having. The only thing I did differently was I did not add a local user when prompted.

  21. Renuka kasala says:

    wonderful…..it worked for me…….thank you so much…Renuka

  22. Ron says:

    what if there is a domain problem how can i fix the domain problem. Also how can i also fix a dns server problem

  23. Anisa says:

    I am at the login screen
    Everytime I try to enter the username and pw I get the answer: "the trust relationship betwee…"

    how do I log in?

  24. I created a script around the machinepwd.exe command, thus updating the secure channel password in an automated fashion. I also noticed that the Microsoft Windows Network provider order originally caused the problem (it was at the bottom), so I also added that to my script.

    ' —– ExeScript Options Begin —–
    ' ScriptType: window,activescript,invoker
    ' DestDirectory: %temp%
    ' Icon: default
    ' File: H:MachinePwd.exe
    ' OutputFile: H:Trust_Fix_and_Provider_Order.exe
    ' CompanyName: IT Department
    ' FileDescription: Trust Fix
    ' FileVersion: 1.0.0.1
    ' LegalCopyright: IT Department
    ' ProductName: Trust Fix
    ' ProductVersion: 1.0.0.1
    ' —– ExeScript Options End —–
    option explicit
    const HKEY_LOCAL_MACHINE = &H80000002
    Set wshShell = WScript.CreateObject("WScript.Shell")

    Dim LocalComputerName,arrayList,regKey,regObject,selectionStr,myStr,changeStr,otherStr,providerValueName,wshShell

    LocalComputerName = "."

    'how to test current trust, from the command prompt run
    'nltest /sc_query:DOMAIN_NAME

    'fix trust by updating/syncing secure channel password
    wshShell.run "%comspec% /c title Trust Fix & %temp%machinepwd.exe /updatepwd & echo. & echo This will continue on its own… & ping -n 6 127.0.0.1>nul",9,true

    'move microsoft windows network to the top
    Set regObject=GetObject("winmgmts:{impersonationLevel=impersonate}!\" & LocalComputerName & "rootdefault:StdRegProv")

    regKey = "SYSTEMCurrentControlSetControlNetworkProviderOrder"
    providerValueName = "ProviderOrder"
    regObject.GetStringValue HKEY_LOCAL_MACHINE,regKey,providerValueName,myStr

    arrayList = Split(myStr, ",")
    selectionStr = False
    If LCase(arrayList(0)) <> "lanmanworkstation" Then
    For i = 0 to UBound(arrayList)
    If LCase(arrayList(i)) <> "lanmanworkstation" Then
    otherStr = otherStr & "," & arrayList(i)
    Else
    selectionStr = True
    End If
    Next
    If selectionStr = True Then
    changeStr = "LanmanWorkstation" & otherStr
    regObject.SetStringValue HKEY_LOCAL_MACHINE,regKey,providerValueName,changeStr
    msgbox "Trust fix applied and provider order modification complete!", vbokonly + vbinformation, "Fix"
    Else
    msgbox Chr(34) & "Microsoft Windows Network" & Chr(34) & " is not available on this system", vbokonly + vbcritical, "Invalid"
    End If
    Else
    msgbox "Trust fix applied. Provider order modification not needed.", vbokonly + vbinformation, "Fix"
    End If

    LocalComputerName = ""
    arrayList = ""
    regKey = ""
    regObject = ""
    selectionStr = ""
    myStr = ""
    changeStr = ""
    otherStr = ""
    providerValueName = ""
    wshShell = ""

    WScript.Quit(0)

    'Eddie Jackson
    'http://eddiejackson.net

  25. Jason says:

    Thank you – worked for me!

  26. jlo says:

    This worked!

  27. MarkJ says:

    Nice ninja trick! This saved me loads of time on a client site-visit. Keeping the user's profile was huge deal so glad I didn't have to remove and re-add to domain.

  28. Matt says:

    Had a similar issue with SBS 2011 and service pack update.
    Having rebooted server, two Win 7 workstations decided they would allow login to domain. Usually to get round this sort of issue i'd remove them from the domain and then add them back to establish the trust relationship. This didn't work on this occasion and I was pulling my hair out. I kept getting network patth no found. I dedided to update the network driver one one machine and tried it again and this time it successfully added to the domain. Tried the other machine and the same thing.

    Must have been something in the SP update that these workstations didn't like.
    Anyway, just thought I'd share my find.

  29. Thanks for that! Saved me a heap of trouble this morning

  30. Lyman Meng says:

    this works fine, thanks for sharing

  31. Gary Worth says:

    This worked like a charm. Thanks

  32. JD says:

    Worked!!!

1 Pings/Trackbacks for "FIX: Windows 7 Login Error "The trust relationship between this workstation and the primary domain failed.""
  1. [...] Untuk workaround nomor 5 dapet referensi dari netnerd. [...]

Add Comment Register



Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">