Rejoin Domain Using CMD To Fix Failed Trust Relationship

At some point you may run into the error “The trust relationship between this workstation and the primary domain failed”. Here are a few steps to rejoin the domain using CMD.

  1. Have the ability to log in with a local Administrator account, for example by typing “.\Administrator” in the login window. If you’re creative and resourceful you can hack your way in without the password.


  2. Now you need to make sure that netdom.exe is available. How you get netdom.exe depends on which version of Windows you’re running. On Windows Server 2008 and Windows Server 2008 R2, netdom.exe needs to be enabled in the Active Directory Domain Services role. On Windows Vista and Windows 7 you will have to get it from the Remote Server Administration Tools (RSAT). Google can help you get them. For other platforms see this link: http://technet.microsoft.com/en-us/library/ee649281(WS.10).aspx


  3. Once steps 1 and 2 are done, we can run netdom.exe to reset the machine account password. Open a “CMD” command prompt as administrator and type one of the following commands. The first form prompts for the password; the second passes it on the command line:

netdom.exe resetpwd /s:<server> /ud:<user> /pd:*
netdom.exe resetpwd /s:<server> /ud:<user> /pd:<PW>

<server> = The domain controller hostname; you may have to use the FQDN.

<user> = The DOMAIN\DomainAdmin account used to join the domain.

<PW> = The DomainAdmin password.

  4. Once you get a success message, reboot the machine.

NOTE: If you get an error message that the domain or server cannot be found, make sure discovery is turned on. You can also edit your hosts file with the IP and host name of the DC.
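
The steps above wrapped in one PowerShell script with pre- and post-checks, as an added example that is not from the original article. The parameter names $DomainController and $DomainUser are placeholders for <server> and <user>, and the use of Test-ComputerSecureChannel to confirm the result is an addition to the article's procedure.

```powershell
# Added example (not from the article). Run from an elevated prompt.
# $DomainController and $DomainUser are placeholder parameter names.
param(
    [Parameter(Mandatory = $true)][string]$DomainController,  # <server>, FQDN if needed
    [Parameter(Mandatory = $true)][string]$DomainUser         # <user>, DOMAIN\account
)

# Step 1: the session must be an elevated local Administrator.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
if (-not $principal.IsInRole($adminRole)) {
    throw 'Not elevated. Open the prompt as administrator and run again.'
}

# Step 2: netdom.exe must be installed (AD DS role or RSAT).
$netdom = Get-Command netdom.exe -ErrorAction SilentlyContinue
if (-not $netdom) {
    throw 'netdom.exe not found. Install it as described in step 2.'
}

# NOTE from the article: the DC name has to resolve (DNS or hosts file).
try {
    [void][System.Net.Dns]::GetHostAddresses($DomainController)
} catch {
    throw "Cannot resolve $DomainController. Check DNS or the hosts file."
}

# Step 3: reset the machine account password. /pd:* makes netdom prompt,
# so the domain admin password never appears on the command line.
& $netdom.Path resetpwd "/s:$DomainController" "/ud:$DomainUser" '/pd:*'
if ($LASTEXITCODE -ne 0) {
    throw "netdom resetpwd failed with exit code $LASTEXITCODE."
}

# Post-check: ask the DC whether the secure channel is valid again.
if (Test-ComputerSecureChannel -Server $DomainController) {
    Write-Host 'Secure channel verified. Reboot the machine (step 4).'
} else {
    Write-Warning 'Secure channel still failing. Reboot, then test again.'
}
```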

Patrick Domingues
