Announcement

Collapse
No announcement yet.

The trust relationship between this workstation and the primary domain failed

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • The trust relationship between this workstation and the primary domain failed

    Hi all

    A colleague has suggested I join this forum and post my issue to it, so here goes.

    We are currently in the process of some major changes to our AD infrastructure and workstations.

    We are currently at Windows 2003. I have carried out the necessary forest/domain preps and introduced a Windows 2008R2 domain controller. The FSMO roles are still on the Windows 2003 DC's.

    Since the addition we are having failures on some of the Windows 7 workstations and Windows 2008 member serves, they are failing with "the trust relationship between this workstation and the primary domain failed"

    Hunting around trying to find a cause the only common factor I can find is that on the failing workstations the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\servic es\Netlogon\Parameters\RequireStrongKey is set to 1.

    Does anyone know if there is a partner value that I can check on the domain controller to see if there is a conflict? If not any ideas on how to resolve this?

    Thanks

    Steve

  • #2
    Re: The trust relationship between this workstation and the primary domain failed

    Have you compared that entry against a machine that ISN'T giving you any issues? Reading TechNet, it can be 1 or 0. Since we're talking about data encryption, certificates must match, and that's where the keys come in. you may not be using strong keys somewhere in the environment, hence maybe your value should be 0.
    *RicklesP*
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **

    Comment

    Working...
    X