Introduction

You might have encountered this error message many times: “The trust relationship between this workstation and the primary domain failed”.
The general solution is dis-joining and re-joining the domain. Any other ways without doing so? The answer is yes.

Error message

The trust relationship between this workstation and the primary domain failed.
此工作站和主域之间的信任关系失败。

Solution: without rejoining the domain

Login as local administrator account, run Powershell with elevated privileges and type this command:
Reset-ComputerMachinePassword -Server "DC1.contoso.com" -Credential domain\Administrator

After reset the computer password, log off current account and login with domain account.

How it works!

The key reason the workstation lost trust is because this computer account’s password has been updated or expired in the Active Directory, however the workstation itself doesn’t know it.
We can reset the password now by Powershell command-let as mentioned above.

Also, to avoid this, there is a GPO setting that defines how long time the password will be updated:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Domain member: Maximum machine account password age

Reference

[1] Reset-ComputerMachinePassword
[2] Domain member: Maximum machine account password age