“The trust relationship between this workstation and the primary domain failed”

So this isn’t really a new problem, but in Windows 7 it’s become more frequent it seems. It can happen for a number of reasons, but often it’s related to a time-skew between the domain controller and the workstation. Certain computer models seem to be more prone to this than others, though I don’t have any data on that, just my experience.

Regardless. You get this:

…and you don’t want it.

You could log in as local admin and disjoin/rejoin the domain; but if you’ve got a few computers to manage, that’d be a bit of a hassle. So you need to create a GPO /GPP to push out a few files. If all of your workstations have this, it’ll take you 30 seconds to fix it.

– Netdom.exe to c:\windows\system32

– Netdom.exe.mui to c:\windows\system32\en-US

And I’ve been awesome enough to jot together this PS script with will basically ask you for admin-logon and password, and reboots the computer. All you need to do is remember to edit the script to include the correct domain name ($domain) and domain controller ($dc) before deploying it.

Also you’ll need to deploy a .cmd file to fire the script. All files are .zip’ed at the bottom.

Of course, keep in mind you still have to log on as local admin and run the script. But it’s still the fastest option to date AFAIK.

Have fun!


## Rejoins domain on failed Domain Trust relationship
## Initial v. by Kristoffer Birkenes, 18/01/13

Function ConvertTo-PlainText( [security.securestring]$secure ) {
$marshal = [Runtime.InteropServices.Marshal]
$marshal::PtrToStringAuto( $marshal::SecureStringToBSTR($secure) )
write-host “Enter you administrator credentials”
write-host “”
$username = read-host “User name”
$secpassword = read-host -assecurestring “Password”
$plainpassword = ConvertTo-Plaintext $secpassword
$domain =
$dc =
$username = $domain+”\”+$username

netdom.exe resetpwd /server:$dc /userD:$username /passwordD $plainpassword
write-host “”
write-host “The computer requires a reboot for the changes to take effect”
$reboot = read-host “OK to reboot (y/n)?”

if ($reboot -eq “y”){
shutdown.exe /r /t 00




powershell.exe -command “set-executionpolicy -executionpolicy unrestricted”
powershell.exe .\ReJoin.ps1


Download: ReJoinDomain

3 thoughts on ““The trust relationship between this workstation and the primary domain failed”

  1. Shane

    Hey there! Would you mind if I share your blog with my zynga
    group? There’s a lot of folks that I think would really
    enjoy your content. Please let me know. Many thanks


Leave a Reply

Your email address will not be published. Required fields are marked *