How do you fix a trust relationship between workstation and domain?
CTX227147 Article | Configuration 3rd party / compatibility | {{likeCount}} found this helpful | Created: {{articleFormattedCreatedDate}} | Modified: {{articleFormattedModifiedDate}} Users cannot log on to a system using Active Directory credentials and the following error message appears: This issue is seen when the session logon is attempted through Remote Desktop Protocol, ICA, or directly at the console. Only logons using local accounts are successful. The underlying problem when this error is seen is that the machine you are trying to access can no longer communicate securely with the Active Directory domain to which it is joined. Solution
First, determine which component is having the issue. Then use the repair method that works best for your environment. Provisioning Services Server, XenDesktop or XenApp Delivery Controller or XD/XA VDA: (Warning ! Never use Option 1 to reset machine account password for a PVS Target Device. See "Provisioning Services Target Device" under Option 4.) Option 1: Reset the Computer Account Password in AD Users and Computers Option 2: Reset via PowerShell Option 3: Change the domain value in the System properties of the machine from the FQDN to the NETBIOS name (or vice-versa).(NOTE: Not applicable to delivery controller as per https://support.citrix.com/article/CTX215880 ) i) Login as a local administrator. Option 4: CMD line using NETDOM tool: 1. Logon to the machine with a local administrator account. 2. Obtain the tool netdom.exe from Windows Server 2008 or Windows Server 2008 R2 CD to enable the Active Directory Domain Services role. 3. Note: For Windows Vista and Windows 7, utilize the Remote Server Administration Tools (RSAT) to enable the Active Directory Domain Services role. 4. Run netdom.exe to change the password. 5. Open command prompt with administrator rights. 6. Execute the command: netdom.exe resetpwd /s: 7. Restart the machine The brokern Domain Trust Relationship usually occurs in PVS due to the database containing an old password. This will happen if you initiate a password reset directly from Active Directory or the Target Device. Only resolve this using the PVS Console. Make sure that you have configured the PVS environment properly. Problem CauseThis can happen for a number of reasons. This article address the situations where the machine account password needs to be reset. These are the non-destructive methods for fixing the most common causes for the trust relationship issue. For example:
Additional ResourcesDisclaimerCitrix is not responsible for and does not endorse or accept any responsibility for the contents or your use of these third party Web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked Web site. It is your responsibility to take precautions to ensure that whatever Web site you use is free of viruses or other harmful items. How do you fix the trust relationship between this workstation and primary domain failed?There is a very straightforward step you can take using Active Directory Users and Computers (ADUC) to perform the same function as the two previous command-line methods. Simply locate the computer workstation in your directory, right-click on the computer object, and click 'Reset account.
What does it mean when my computer says the trust relationship between this workstation and the primary domain failed?“The trust relationship between this workstation and the primary domain failed” Error Message. When an AD domain no longer trusts a computer, chances are it's because the password the local computer has does not match the password stored in Active Directory. The two passwords must be in sync for AD to trust a computer.
How do you build trust relationship with a domain?Log onto domain y as Administrator.. Start User Manager for Domains (Start - Programs - Administrative Tools). Select "Trust Relationships" from the Policies menu.. Click the Add button to the Trusting Domains box.. Enter the name of the domain you want to be able to trust you, i.e. domain x.. How do I reconnect my workstation to my domain?To join a computer to a domain
Navigate to System and Security, and then click System. Under Computer name, domain, and workgroup settings, click Change settings. On the Computer Name tab, click Change. Under Member of, click Domain, type the name of the domain that you wish this computer to join, and then click OK.
|