Application Packaging, Green, How-To Guides

Kind of Fixing VMware error – “The trust relationship between the workstation and the primary domain has failed”


If you have used VMware in a corporate environment it is very likely you have seen the message before;

The trust relationship between the workstation and the primary domain has failed.

It is annoying and is one of those things you just don’t want to run into while in the middle of figuring out a more important packaging issue with an application.


Why does it happen?

This message occurs because the VM’s machine account is on the domain. And since it is on the domain it syncs it’s password with the domain every 30 days to make sure the domain is aware of any changes and the machine is aware of any password policy changes as well. However since you generally use a VM so that you can revert to a saved state, the password sync between your VM and the domain gets thrown off. Once the domain decides that your VM is out of sync it disconnects the VM from the domain to protect itself.


How can you fix it?

According to VMware’s official KB (KB2100393) you should create a new policy on your tenant AD server. Unfortunately you don’t always have access to your AD server to make that policy.

What you can ┬ádo is edit the registry of your virtual machine so it stops the check for the password sync. The reason this post says, “Kind of Fixing” is because this may or may not work.

The consistency of this registry hack working is not perfect, but it is something simple you can try to┬áremove this reoccurring headache. For more information on this type of fix visit Microsoft’s page here.


Registry Edit Steps:

1. With admin rights launch regedit.exe from within your VM

2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

3. Double click the entry for DisablePasswordChange

4. Make the value 1 instead 0

5. Save your changes

6. Cross your fingers and hope it works for you.