"Trust relationship between this workstation and the primary domain failed" error in Windows
This article provides a solution to an error that occurs when you try to log on to your domain in Windows.
Applies to: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1
Original KB number: 2914474
Symptoms
You may be intermittently unable to log on to your domain in Windows. In this situation, you receive the following error message:
The trust relationship between this workstation and the primary domain failed.
Additionally, when you check the machine account in Active Directory Domain Services (AD DS), it shows that the machine password was changed recently.
Note
To work around this problem, restart the client computer.
Cause
This problem is caused by the same problem that is fixed in hotfix 2545850.
Resolution
To resolve this problem, install hotfix 2545850.
More information
If you take a network trace during the failure, you find the following:
A TGT request that resembles the following is sent from the client computer to the domain controller:
KerberosV5:AS Request Cname: machineAccount$ Realm: Contoso.com Sname: krbtgt/contoso.com
A response request that resembles the following is sent from the domain controller to the client computer:
KerberosV5:KRB_ERROR - KDC_ERR_PREAUTH_FAILED (24)
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for