Trust Relationship Between This Workstation And The Primary Domain Failed

April 9th, 2014 by

This perhaps isn’t the best time of the year to be posting about trust relationship breakdowns, but this is the only post I have ready to go (I have a couple of series of posts I intend to do soon).

I make quite a lot of use of virtual machines for testing and writing because of the flexibility and ease of taking a snapshot before doing something risky so the machine can be reset. After doing so one day, I ran into a problem I hadn’t seen before after restoring one virtual machine to a snapshot:

The trust relationship between this workstation and the primary domain failedThe trust relationship between this workstation and the primary domain failed

The machine was part of the DOMAIN.azurecurve.co.uk which will be what the trust relationship had failed against. I switched user and tried to log in using a local user account:

Other user log in

As long as you can log into the virtual machine as a local user then the problem is easily fixable. Go into System (Ctrl + Break), click Change settings and then click Change…. Change Member of to Workgroup and click OK:

Computer Name/Domain Changes

You’ll be reminded that now the machine has been removed from the Domain, the local adminstrator account’s password will be needed. Click OK to confirm and proceed:

Computer Name/Domain Changes - After you leave the domain, you will need to know the password of the local administrator account to log in to your computer. Click OK to continue.Computer Name/Domain Changes – After you leave the domain, you will need to know the password of the local administrator account to log in to your computer. Click OK to continue.

Click OK to the Welcome to the WORKGROUP workgroup message:

Computer Name/Domain Changes - Welcome to the WORKGROUP workgroup message

Confirm the restart message:

Computer Name/Domain Changes - You must restart your computer to apply these changes. Before restarting, save any open files and close all programs.Computer Name/Domain Changes – You must restart your computer to apply these changes. Before restarting, save any open files and close all programs.

Restart the machine and re-open the Computer Name/Domain Changes window and change the Member of back to your Domain:

Computer Name/Domain Changes

Enter a Domain username and associated password and click OK:

Windows Security - Computer Name/Domain Changes - Enter the name and password of an account with permission to join the domain.

Click OK to the Welcome to the domain message:

Computer Name/Domain Changes - Welcome to the DOMAIN.azurecurve.co.uk domain.

Confirm the restart message:

Computer Name/Domain Changes - You must restart your computer to apply these changes. Before restarting, save any open files and close all programs.Computer Name/Domain Changes – You must restart your computer to apply these changes. Before restarting, save any open files and close all programs.

Click Restart Now to restart the virtual machine:

Computer Name/Domain Changes - You must restart your computer to apply these changes. Before restarting, save any open files and close all programs.Computer Name/Domain Changes – You must restart your computer to apply these changes. Before restarting, save any open files and close all programs.

Once the virtual machine has restarted, will be able to log in as a Domain user again.

I did some investigation and this seemed to be the best/easiest way of resolving the issue. However, if someone knows a better/more efficient way than removing the VM from the domain and adding it back I’d appreciate hearing about it in the comments.

Source: azurecurve

Leave a Reply