Jump to content
RESET Forums (homeservershow.com)

Trust relationship failed


revengineer
 Share

Recommended Posts

Hi,

I have a laptop connected wirelessly to my windows domain hosted on a Windows Server 2012 Essentials domain. A few days after a bare metal restore, I am getting the message "The trust relationship between this workstation and the primary domain failed." upon login attempt. This is the second time this has happened on this machine and I have not had this problem with bare metal restore before (maybe it's not even related). The error does not happen right away the restore but a few days later, where "few" has been different each time. Previously,I simply did another bare metal restore. But this is time consuming and there must be a better way. I have seen various reports/fixes online, but nothing specific to Server Essentials. I do not want to mess up my network, so I though I ask someone more experienced than I am for help.

 

TIA!!!

Link to comment
Share on other sites

I get this regularly at my place of employment (school district).  One or two windows computers/month suddenly develop this for no apparent reason.  It's easy to fix if you remove the affected PC from the domain (just put it in a workgroup) and then re-add to the domain.  Couple reboots and you're good to go.  You may need to blow away the client's account on the domain controller console to use the same name again.

 

I think this stems from a password mismatch between the PDC and client (not the password you type -- Windows' internal one).  Not sure why it happens, but have only seen it in Windows 7. 

Link to comment
Share on other sites

So, removing and reading to the domain is what I read as well. But if I do this through the Essentials Dashboard, I think I will loose my backups. And if I archive the backups, I assume that I have to change the computer name to not cause a conflict. I did not want to confirm these suspicions before getting additional recommendations for thing to try. Isn't there a simpler way of resyncing the laptop, which indeed runs Windows 7, with the domain credentials?

Link to comment
Share on other sites

I agree it's something that shouldn't happen, or should be easily fixed (resynchronized) by the domain admin if it does...  But even Microsoft recommends this as the fix:

 

https://support.microsoft.com/en-us/kb/2771040

 

At work, where I see this issue, we don't do any client backups, so a new name isn't a big deal.  I don't use Windows Servers at home any longer, but if I did, I would probably just create the new account and immediately back up the client. 

 

Keep looking, though -- it's Microsoft, so someone has likely figured out a different way....


Update: someone has!  I wish I could try Drashna's method, but rebooting the server is a deal-breaker here at work.  On a home network though, that's another story!

 

I'd love to know if that worked for you.

Link to comment
Share on other sites

Thanks, Drashna, I will give this a shot tonight when I get home. Maybe I am lucky. I think my chance is better than cracking tomorrow's lottery jackpot!

 

I agree it's something that shouldn't happen, or should be easily fixed (resynchronized) by the domain admin if it does...  But even Microsoft recommends this as the fix:

 

https://support.microsoft.com/en-us/kb/2771040

 

At work, where I see this issue, we don't do any client backups, so a new name isn't a big deal.  I don't use Windows Servers at home any longer, but if I did, I would probably just create the new account and immediately back up the client. 

 

Keep looking, though -- it's Microsoft, so someone has likely figured out a different way....

Update: someone has!  I wish I could try Drashna's method, but rebooting the server is a deal-breaker here at work.  On a home network though, that's another story!

 

I'd love to know if that worked for you.

It's a home network for me (and I am the ignorant domain administrator :) ), so I will be able to test the solution Drashna posted. I will let you know if it worked.

Edited by revengineer
Link to comment
Share on other sites

Just to report back, the solution in the post Drashna pointed me to worked (almost without a hitch). Here is what I did:

 

1. Log into problem machine with local administrator account.
 
2. Start powershell with administrative privileges.
 
3. Issue command: reset-computermachinepassword -server SERVERNAME -credential DOMAIN\ADMINACCOUNT
   If error "Reset-ComputerMachinePassword : A parameter cannot be found that matches parameter name ‘credential’.",
   then update Powershell to version >=3.
 
4. Issue command: restart-computer
 
 
As you might have guessed, I was stumped over the error at 3. and it took some googling to find that this was cause by old Powershell version.
 
Thanks for the solution! This was much easier than doing a bare metal restore!!!
Link to comment
Share on other sites

Just curious, what is the OS on the client?

Windows 7 SP1

I also may have found the issue what caused the computer to go out of sync in the first place. Checking the network settings, I found that the network was set to  "public" rather than "home". Maybe some important communication between server and client did not get across because of that setting. Could that be?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...