One of my client computers running Windows 7 suddenly refused to logon because of a trust failure. For some strange reason, the domain trust relationship between the Windows Server 2003 primary domain controller and Windows 7 client failed. All accounts -including the domain administrator’s one- are denied access, and logging in becomes impossible because domain trust relationship failed. The system keeps displaying the following message:
The trust relationship between this workstation and the primary domain failed
In Active Directory, trusts are authentication pipelines. Once this pipeline fails, your sysadmin won’t be happy at all…
Now my Windows 7 client is locked. I tried with the local Administrator account but it was disabled hence no way to leave and rejoin domain in order to re-establish the domain trust relationship. Looks like Microsoft needs to update their Support Center article…
What to do if Trust relationship Failed? How To Fix Domain trust?
You don’t need to modify any domain and trust settings on your server, the fix is really silly! The solution is to unplug the network cable before booting, this will bypass the trust failure limitation. Once logged in, replug the network cable. Simple, isn’t it? Now you can easily leave the domain, reboot and then join again the domain. This will restore the failed workstation trust relationship between the client and the server and the user account will be working again 😀
UPDATE: It looks that this is not the safest solution to restore trust relationship. Please have a look at Marco Schirrmeister comment below as he explains 2 alternatives fixes to solve this problem in a cleaner way.
Have you encountered this problem before? How were you able to restore the trust relationship between the domain controller and the Windows client? Let me know if you have other solutions for this problem.
PS:I found the solution on this blog, and one of the readers was kind enough to share the quick fix for this problem.