Win 2012 domain "The trust relationship between this workstation and the primary domain failed" fixed remotely without local credentials

active-directory windows-server-2012-r2

We have a workstation that is getting the error "The trust relationship between this workstation and the primary domain failed" on logon.
The local logon information is not known on this workstation.
Other than physically being at the computer to reset the local credentials and rejoin it to the domain (or netdom), can this issue be fixed on the DC?

Basically, can the workstation's trust to the domain be fixed from the DC (or any other workstation on the domain) if local privileges on the affected workstation are not known and cannot be reset?

Best Answer

If you can gain access to a command prompt on the remote computer, via:

Enter-PSSession BrokenWorkstation

then you can use:

Test-ComputerSecureChannel -Credential YourDomain\DomainAdmin -Repair

There is also the possibility that it is just the system password that is messed up, so you could use this too:

Reset-ComputerMachinePassword -Credential YourDomain\DomainAdmin -Server dc.yourdomain.local

That is if you have PowerShell v3 on the workstation. If not, then try the following:

WMIC /node:BrokenWorkstation process call create "netdom.exe resetpwd /s:dc.yourdomain.local /ud:YourDomain\DomainAdmin /pd:*"
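
The repair sequence from the answer above, combined into one script as an added example (not code from the original answer). It assumes PowerShell remoting to the workstation works and that PowerShell v3 or later is on both machines; `BrokenWorkstation` and `dc.yourdomain.local` are the answer's placeholder names.

```powershell
# Added example: check, repair and verify the secure channel in one remote call.
# Both default values are the placeholder names used in the answer.
param(
    [string]$ComputerName     = 'BrokenWorkstation',
    [string]$DomainController = 'dc.yourdomain.local'
)

# Prompt once, so the domain password never appears on a command line
# or in the shell history.
$cred = Get-Credential -Message 'Domain account allowed to reset the computer account'

$result = Invoke-Command -ComputerName $ComputerName -Credential $cred `
    -ArgumentList $cred, $DomainController -ScriptBlock {
        param($Cred, $Dc)

        # Returns $true when the machine's secure channel to the domain is intact.
        if (Test-ComputerSecureChannel -Server $Dc) { return 'Healthy' }

        # First attempt: repair the channel with explicit domain credentials.
        if (Test-ComputerSecureChannel -Server $Dc -Credential $Cred -Repair) {
            return 'Repaired'
        }

        # Fallback: reset the machine account password against the DC,
        # then test the channel again.
        Reset-ComputerMachinePassword -Server $Dc -Credential $Cred
        if (Test-ComputerSecureChannel -Server $Dc) { return 'PasswordReset' }

        return 'StillBroken'
    }

"{0}: {1}" -f $ComputerName, $result
```

The credential object is passed into the remote session as an argument because the explicit `-Credential` on each cmdlet is what authenticates to the domain controller from the workstation.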