When trying to log in to PC using a domain credential you get the following error:
“The trust relationship between this workstation and the primary domain failed” error when you log in to Windows 7
At this point I would usually re-join to the domain or run the Network Wizard, reboot, and continue on. There has to be a better way. And in-fact, there is via the Powershell command:
Reset-ComputerMachinePassword –server -credential
However, when I ran the command to reset the password I got an error stating the account could not be found on the domain controller:
PS C:\A3336> Reset-ComputerMachinePassword -server DELLR710 -credential AP\client_admin
Reset-ComputerMachinePassword : Cannot find the computer account for the local computer from the domain controller DELLR710.
At line:1 char:1
+ Reset-ComputerMachinePassword -server DELLR710 -credential AP\client_admin ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (A3336:String) [Reset-ComputerMachinePassword], InvalidOperationException
+ FullyQualifiedErrorId : CannotFindMachineAccount,Microsoft.PowerShell.Commands.ResetComputerMachinePasswordCommand
PS C:\A3336>
The fix was to create the account on the domain controller which I was able to do with Powershell on another PC that had Remote Server Administration Tools (RSAT) installed.
PS C:\AP01-1255-915> New-ADcomputer –name "A3336" –SamAccountName "A3336" -Enabled $true
PS C:\AP01-1255-915>
Now when the command is run on the client PC I am prompted to enter a username and password with permission to join computers to the domain and the command completes successfully.
PS C:\A3336> Reset-ComputerMachinePassword -server DELLR710 -credential AP\client_admin
PS C:\A3336>
http://implbits.com/active-directory/2012/04/13/dont-rejoin-to-fix.html
https://ss64.com/ps/reset-computermachinepassword.html
https://support.microsoft.com/en-us/help/2771040/the-trust-relationship-between-this-workstation-and-the-primary-domain
Charles Haven 