If you are in tech support, no doubt you have faced this problem a few times.
In the past, one would simply disjoin the machine from the domain and add it back and resolve the issue this way.
I came across a solution to fix it through PowerShell, but it never worked.
However, in recent times, the PowerShell method has worked for me and this is what I do on the affected workstation to resolve the issue.
- Check if Microsoft .NET Framework 4.5 is installed (browse to Framework or Framework64 folder in C:WindowsMicrosoft.NET). If not, download the package from http://www.microsoft.com/en-us/download/details.aspx?id=30653 and install it.
- Restart the machine after install.
- Download and install Windows Management Framework 4, which includes PowerShell 4. http://www.microsoft.com/en-us/download/details.aspx?id=40855.
- Restart the machine after install.
- Check PowerShell version (http://blogs.technet.com/b/heyscriptingguy/archive/2013/06/02/powertip-determine-powershell-version.aspx) to verify it’s version 4.0
- Open PowerShell as Administrator and execute this command:
[box]Reset-ComputerMachinePassword -Server Domain Controller Fully Qualified Domain Name -Credential Domainadmin account[/box] - Restart the machine.
You should now be able to log back into the domain.
Hopefully, this means we don’t have to go through the disjoin drama anymore 🙂
Thanks for reading.
Thank Sri 🙂
Great post!
You can prevent the error: “The trust relationship between this…” with a domain GPO.
Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Security Options
Domain member: Disable machine account password changes
Domain member: Maximum machine account password age
Source:
http://www.sysadmit.com/2015/08/mware-y-ad-la-relacion-de-confianza-entre-esta-estacion-de-trabajo-y-el-dominio-principal-fallo.html
Thanks Yumi for your input!
Sri