FusionAccess Version : V100R005
When login to VMs, an error message prompt up showing "The trust relationship between this workstation and the primary domain failed." In additionally, FusionAccess portal showing the VMs login status are "unregistered".
The default setting for the default domain policy which will renew the password every 30days:
a. At the moment the client trying to update the password, client cannot
contact with the domain which causing the password update failed.
b. Since, the password in AD is expired and client cannot update
the password at the same time. Hence, the secured communication channel will be automatically cut off between the AD and client.
In other to avoid this issue, we can change the default domain policy by changing the security setting of "Domain member: Disable machine account password changes" to "Enabled".
Step 1. run gpedit.msc in command prompt.
Step 2. Go to "Computer Configuration\Policies\Security Settings\Local Policies\Security Options\Domain Member: Disable machine account password changes"
Step 3. Change the security setting of "Domain member: Disable machine account password changes" to "Enabled".
Step 4. Check whether the user account is exist in the AD server.
The root cause of this issue, "The trust relationship between this workstation and the primary domain failed." is usually occured under a few circumstances below:
1. User account in AD server doesnt exist or accidentally deleted.
2. VMs unable to update password in AD.
In conclusion, the reason is usually because of different password in AD and VMs causing the secured channel communication failed.