How to fix issues of relationship between a PC and DC

The trust relationship between this workstation and the primary domain failed

For some reasons you may face some issues regarding relationship between a computer account and the Domain. For example, if a computer stayed 30 days or more without authentication in a Domain Controller, its credential needs to be validated again.

Most of the Domain Administrators unjoin the computer from the domain join it again! It’s works, but you need a reboot to complete and this tasks can be easily done.

To do this steps, you need to run the commands on the computer which a domain user couldn’t log on and you need to log on locally to do this job. In username field, put .\Administrator and then, insert the password. If you don’t remember the password or the Admin Account is not activated, remove the network cable and disable the wifi, reboot the computer and put your Domain credential.

Doing that, you are using the credential stored locally on SAM Database (Security Accounts Manager) – Read more.

Using Powershell, you can check/validate if a computer really is facing some trouble and then, fix it.

The command is: Test-ComputerSecureChannel

If you type it and the result was FALSE, you need to fix it.

Run: Test-ComputerSecureChannel -Server YOURDC -Repair -Verbose

In case of success, you’ll see the result TRUE

* In case of any error related with the computer account, go to DC, open the Active Directory, find the computer account, Delete it and create it again with the same name.

Another way to fix it is using NETDOM RESETPWD. For further information about that, you can see here.




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s