How to troubleshoot workstation Trust relationship issues on Domain

By | April 11, 2016

How Trust relationships affect the Computers?

Domain joined workstations and member servers are had a Trust relationship with Domain in order to authenticate, and reset the computer account password every 30 days by default, you will get the below error if any mismatch between computer password on workstation and on Domain controller

Also Read: Active Directory Replication failed with “Target principal name is incorrect”

Also Read: AD Slow Authentication and prompting for credentials again and again

Event ID 5723: The trust relationship between this workstation and the primary domain failed.

The session setup from the computer DOMAINMEMBER failed to authenticate.
The name of the account referenced in the security database is DOMAINMEMBER$.

How to check and confirm computer account issue

You can check this with net command to check the trust relationship, run this from local Domain controller with Domain Admin permission

net use \\computername

net view \\computername

Computer must me connect to network to check this, you will get the Access is denied error or any other error

Also Read: Domain Controller failed test Machineaccount on DCDIAG

Why this error occurs/ trust relationship between this workstation and the primary domain failed

As I said all computer account change the password every 30 days by default, while doing the password change it contacted authenticated Domain Controller/ secure channel (SC) Domain Controller, if any network issue between Domain controller and workstation will affected the new change password update to DC and that cause the issue

Also Read: Active directory Troubleshooting (Part1 – Diagnostics Logging)


Mostly this will affect the legacy operating system like Windows Xp/windows server 2003, just disjoin and rejoin the machine to the domain to resolve the issue, you should have a required permission to do this

Operating system like windows server 2008/2012 are not affected by this issue, even the same solution will apply if you get this issue in windows server 2008/2012 R2

Also Read: Active Directory real time issues and solutions


Leave a Reply

Your email address will not be published. Required fields are marked *