Windows 7 (WES7) The Trust Relationship Between This Workstation And The Primary Domain Failed

stibbetts1

New Member
Joined
May 24, 2012
Messages
8
I've looked through the applicable posts on this and other forums and I can't seem to find an answer. We have a mix of domain joined Thin Client and ThinPC devices in one of our remote locations running WES7 Enterprise. Shortly after these devices were built, we started seeing "trust relationship" errors and we've been able to fix them in the past by re-joining them to the domain but this issue has been getting progressively worse as it started with one or two here and there but now, it seems like it's at least 10-20 per week. I've looked through the security logs on the devices themselves but couldn’t find anything useful. We have a few FAT W7 Enterprise devices in the same office and those never seem to have the trust relationship issue so I’m wondering if this is a known issue with WES7? Would not having a domain controller at this site contribute this probelm?
 


Solution
The issue you're facing with the "trust relationship" errors on your domain-joined Thin Client and ThinPC devices in a remote location running Windows Embedded Standard 7 (WES7) Enterprise can be quite frustrating. Let's break down the possible reasons for this problem and how you can address it:

Causes of the "Trust Relationship" Issue:​

  1. Computer Account Password Mismatch: This error typically occurs when the password stored on the computer does not match the password stored on the domain controller for that computer account.
  2. Secure Channel Disruption: Issues with the secure channel between the computer and the domain controller can lead to trust relationship problems.

    Possible Solutions:​

    ...
The issue you're facing with the "trust relationship" errors on your domain-joined Thin Client and ThinPC devices in a remote location running Windows Embedded Standard 7 (WES7) Enterprise can be quite frustrating. Let's break down the possible reasons for this problem and how you can address it:

Causes of the "Trust Relationship" Issue:​

  1. Computer Account Password Mismatch: This error typically occurs when the password stored on the computer does not match the password stored on the domain controller for that computer account.
  2. Secure Channel Disruption: Issues with the secure channel between the computer and the domain controller can lead to trust relationship problems.

    Possible Solutions:​

  3. Rejoining to Domain: This is the common quick fix to restore the trust relationship. However, if this issue is becoming more frequent, it's essential to investigate the root cause.
  4. Network Connectivity: Ensure stable network connectivity between the devices and the domain controller. Intermittent network issues can contribute to trust relationship problems.
  5. Time Synchronization: Make sure that the time is synchronized between the domain controller and the client devices. Time differences can cause authentication failures.
  6. Check Group Policies: Review group policies that might affect secure channel communications or password policies.

    Lack of Domain Controller at the Site:​

    • Not having a domain controller at the remote site can definitely contribute to trust relationship issues, especially if the devices are unable to reach the domain controller for regular updates and authentication.
    • Consider setting up a Read-Only Domain Controller (RODC) at the remote site for better authentication and to reduce trust relationship errors.

    Investigating Further:​

    • Event Logs: Check event logs on both the client devices and the domain controller for any specific error messages that might shed light on the cause of the trust relationship failures.
    • Wireshark: You can use Wireshark or network monitoring tools to capture network traffic and analyze the communication between the devices and the domain controller for any anomalies.
    By addressing network stability, time synchronization, group policies, and considering the setup of a domain controller or RODC at the remote site, you can work towards resolving the trust relationship issues with your WES7 devices effectively.
 


Solution
Back
Top