SharePoint Experts, Information Architects, Expert Witness

We provide consulting in a broad array of business and technology from architecture to design to deployment of global systems with a focus on surfacing data in the enterprise. Specialists in Microsoft, we are a premier provider of SharePoint Expertise (including 2016 and Office 365). We also provide Expert Witness/Legal Expert in eDiscovery, source discovery, patent infringement, piracy and more! We also have established SICG DLDS s.a. - our counterpart in Costa Rica that specializes in water systems (http://www.crwatersolutions.com) - Contact me direct: david_sterling@sterling-consulting.com or call 704-873-8846 x704.

Search This Blog

Tuesday, October 27, 2015

The Trust Relationship Between This Workstation And The Primary Domain Failed

So every now and then, I've come across the error when trying to login to a server:

The Trust Relationship Between This Workstation And The Primary Domain Failed

There are a number of reasons this can happen - basically it means that the Domain Controller and the Server are not communicating. For example, if a domain controller goes down and the server brought up, it cannot communicate to authenticate the server in the domain. This can also happen when system recoveries are necessary or when restoring a Virtual Machine.

One method (though not the best) is to simple login to the server as an Administrator, go to the System Properties, leave the domain by specifying a temporary workgroup name (you'll need the AD Administrator account & password), reboot then join the domain again.

However, there are two better ways to do this by simply resetting the Server Password in Active Directory from the Server you are having issues with. Login as the Server Administrator then via a Command Line (using Run as Administrator), enter the following:

netdom.exe resetpwd /s:<AD server name> /ud:<user name> /pd:*

Where 'AD server name' is the name of the Active Directory server and 'user name' is an account (in format of domain\name) that has permssions in AD.

Note that when you enter this command, it will prompt for a password to the account you specified.

Alternately, you can use PowerShell:

Reset-ComputerMachinePassword [-Credential <PSCredential>] [-Server <String>]

Where 'PSCredential' is the login name and 'String' is the name of the domain controller. For more info on the PowerShell command, see here:

https://technet.microsoft.com/en-us/library/hh849751.aspx

Once either of these methods are used, I suggest rebooting the server - when it comes back up, login with a domain account.


No comments: