Occasionally I’ll receive a report that domain users cannot login to a specific laptop, citing an error message “The trust relationship between this workstation and the primary domain failed.” It’s worth noting that although domain accounts cannot be used to sign in, local computer accounts may still be used.
Microsoft has issued two solutions to this problem. One solution involves logging into the PC using a local computer account and taking the PC off the domain, reboot, sign in again with local account, and once more join the laptop to the domain. This works, but it’s slow.
A better solution that takes less time requires us to use a powershell cmdlet. Again, login to the PC with a local account and issue the following in Powershell running with Administrative rights.
$creds = Get-Credential Reset-ComputerMachinePassword -Credential $creds -Server dc1.domain.edu
The first command will display a prompt that will collect username and password that will be used to execute the next cmdlet. Be aware you must provide an account with Domain Admin privileges. After execution, log out. You may now log in again using domain accounts.