Just adding this post as reference on howto solve TRUST RELATIONSHIP ERROR which may appear when you try to login to your workstation/server using domain account.
In this post I have used NETDOM / Windows network wizard & Powershell methods. All worked fine for different OS
Method # 1 / NETDOM command
[Tested on various OS including Windows 2008/2016]
Login on the effected computer using any of below method
- Using the local admin account
- OR if you dont have the local admin account, then simply unplug the wire/wireless and then login with your domain ID and it will login using cached credentials, but this ID must have Admin privileges on local computer)
Open COMMAND prompt & Issue following command
netdom resetpwd /s:domainserver /ud:domain\admin /pd:YOURPASSWORD
Example if you have following setup
- AD Server Name : DC01
- Domain Name : mydomain.local
- User Name : DOMAIN_ADMIN_ID
Complete CMD example …
netdom resetpwd /s:dc01 /ud:mydomain.local\domain_admin_id /pd:YOURPASSWORD
Once you see successfull message , logoff or restart the machine, and then login with domain user account & hopefully it will login insha Allah.
Method # 2 / Powershell (version 3 required)
To reestablish trust you can also use powershell command. (You must have at least PS ver3. windows 2008/7 have ver 2 by default, so you may want to upgrade it from MS site here …)
PS command:
Test-ComputerSecureChannel -repair -Credential (Get-Credential)]
It will ask you to enter account credentials, , simply enter domain\ID and password of domain Admin account, and enter.
After then simply log off and login with your domain id (or better to restart the system) and it will work Insha Allah.
Method # 3 (For Windows XP/7/10 Only which have network wizard option)
I accidentally deleted some COMPUTER accounts under Active Directory Users > Computers section, This resulted in Trust relationship error on various workstations,
At client side, unplug Wire, (& disable WiFi) , this will allow you to logon to workstation using your domain account,(Make sure your domain user have local admin rights,) then simply run the network wizard ,
Then reboot & will be restored just like in previous working condition.
if you use the network wizard, you dont have to join – re-join the domain, it will simply add the computer entry in AD.
If your domain account don’t have ADMIN privileges, then you have to login with system local admin account. If you even dont have local admin account then reset it from any password crack utility.
if nothing works, then you have to unjoin this workstation from the domain, and re join it. If you use same user id on rejoining then you will see the same user profile as before.
Upgrade Powershell in 2008
To upgrade powershell ver 2.0 to new version in windows 2008 R2 , do following
- First Install dot-Net-Framework_4.5 (Download link from Microsoft)
- Then install Management Framework 3.0 (Download link from Microsoft)
For Win 2008 R2 , I used `Windows6.1-KB2506143-x64.msu`
Afterwards It may ask you for a restart … Do so so changes can take effect.
Regard’s
Syed Jahanzaib
Syed Jahanzaib - Personal Blog to Share Knowledge ! 