10 March 2016

Fix broken trust relationship without rejoining domain

To fix the seemingly-random "The trust relationship between this workstation and the primary domain failed" error, you can remove the PC from the domain, then re-add it. Sometimes doing this is a PITA.

You can often fix the error with netdom.exe instead, using the steps below. Run them through your remote access utility, or by logging in as a local administrator.

  1. Extract netdom.exe and netdom.exe.mui from the Remote Server Administration Tools, or grab them from a machine that already has the tools installed.
  2. Put netdom.exe in C:\Windows\System32\ , and netdom.exe.mui in C:\Windows\System32\en-US\ , on the broken PC.
  3. Run the following command on the broken PC:

    netdom.exe resetpwd /s:myserver /ud:MYDOMAIN\adminuser /pd:(adminpassword)

    (Where "myserver" is your domain controller, "MYDOMAIN\adminuser" is a domain administrator, and "adminpassword" is the domain administrator's password.)
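
Step 3 with the password prompted for instead of typed on the command line, plus a before-and-after check of the secure channel. This is an added example, not part of the original post. It assumes Windows PowerShell 5.1 (where `Test-ComputerSecureChannel` is available) and netdom.exe installed as in step 2; the parameter names `$Server` and `$AdminUser` and the helper `Test-Channel` are made up for illustration.

```powershell
# Added example (not from the original post). Save as a .ps1 and run it from an
# elevated Windows PowerShell prompt on the broken PC.
param(
    [Parameter(Mandatory)] [string] $Server,     # assumed name: your domain controller ("myserver")
    [Parameter(Mandatory)] [string] $AdminUser   # assumed name: e.g. MYDOMAIN\adminuser
)

$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated prompt.'
}

function Test-Channel {
    # Hypothetical helper: $true only when the secure channel to the DC verifies.
    try   { [bool](Test-ComputerSecureChannel -Server $Server -ErrorAction Stop) }
    catch { Write-Warning $_.Exception.Message; $false }
}

if (Test-Channel) {
    Write-Output 'Secure channel is healthy; nothing to reset.'
    return
}

# /pd:* makes netdom prompt for the password, so it never lands in the
# command line, console history or process-creation audit logs.
& netdom.exe resetpwd "/s:$Server" "/ud:$AdminUser" '/pd:*'
if ($LASTEXITCODE -ne 0) {
    throw "netdom resetpwd failed with exit code $LASTEXITCODE"
}

if (Test-Channel) {
    Write-Output 'Machine account password reset; secure channel verified.'
} else {
    Write-Warning 'Reset reported success but the channel still fails verification.'
}
```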