Tag Archives: Trust Relation Ship

Computer has lost trust relationship with the Domain – KB10391592


Error “Security database does not have a computer account for this trust relationship”

Description:  Client cannot log into their computer and get an error about trust relationship with the domain.

Common customer description: I can’t log into my computer.

Probing questions:

Were you able to log in before?
When did this start?

Steps to isolate: If the computer has lost its trust relationship the easiest way to verify is to check Active Directory (Computers) and see if the computers hostname is listed.  If it isn’t listed then follow the next steps.

Steps to resolve:

1: Have the client unplug the network cable.
2: Have the client log into the computer with the network cable unplugged.
3: Once the client is logged in have them reconnect the network cable.
4: Get connected to the clients computer via G2A or LogMeIn
5: After getting connected make sure a user account has a local administrators account.

(Steps to add a user account to local administrators group)
1: Go into control panel
2: Open Administrative Tools
3: Double click Computer Management
4: Expand Local Users and Groups
5: Click on Users
6: Right mouse click in an open area and left mouse click New User
7: Add a user account with a password
8: After added right mouse click on the new user and left mouse click on Properties
9: Click on Member Of tab
10: Click on Add and in the new box type in Administrators (Please note you will need to type out the entire name) and click Ok
11: Feel free to add Remote Desktop Users as well (Please note you will need to type out the entire name)
12: Close all windows you opened.

(Finish up removing and adding the computer to the domain)
6: Right mouse click on Computer and left mouse click on Properties.
7: Click on Change Settings.
8: Under the Computer Name tab click on Change.
9: Record the domain name the computer is trying to connect to.
10: Switch it from Domain to Workgroup and type in Workgroup.
11: Use the new user account credentials when prompted.
12: Reboot the computer when prompted.
13: Tell the client NOT to log into the computer and let you log in as the new user.
14: After you have logged in remove the computer from the Workgroup and place it back on the domain.
15: Reboot when prompted.
16: Have the client log in after the computer reboots and verify everything is working as it normally should.

Additional considerations: If this still does not allow the computer back onto the domain you can try all the steps mentioned above once again.  But after you have placed the computer on the Workgroup and rebooted try changing the computer name.  Example: Bobs-pc change to Bobs-pc1

Then try placing the computer back on to the domain.  Sometimes Active Directory locks out the original computer name but this rarely happens.