You are here
Home › Dennis Faas › How to Fix: VM Can't Connect to Windows Server (No Trust Relationship)How to Fix: VM Can't Connect to Windows Server (No Trust Relationship)
Infopackets Reader Jeff L. writes:
" Dear Dennis,
I have a Windows 7 machine I'm trying to virtualize, which is connected to a Windows Server 2012 network. The issue I'm having is that the newly created virtual machine works fine after it's been virtualized but later it won't work. Whenever I try and login to the network, I receive an error message 'The security database on the server does not have a computer account for this workstation trust relationship.' I am using VMWare Workstation as the hypervisor. I have tried everything I can think of to fix this but there is absolutely no way for me to login using the virtual machine. I would like to hire you to look into this for me as I am at my wits end! "
My response:
I asked Jeff if he would like me to connect to his machine using my remote desktop support service, and he agreed.
This problem was extremely frustrating to figure out that it took me almost an entire day. There are so many variables involved in a problem like this, being that it is a network, a virtual machine, and a Windows Server issue. Searching for the error message 'The security database on the server does not have a computer account for this workstation trust relationship.' on Google brought up many articles, but few that had anything to do with the environment we were working with.
With that said I'll go through this problem using a step-by-step approach, in case anyone else reading this is pulling out their hair trying to resolve this!
How to Fix: VM Can't Connect to Windows Server (No Trust Relationship)
- The first thing you will want to do is to ensure that the virtual machine network is in fact working and you can ping the Windows Server (and vice versa). Trying to test this however brings a 'double edged sword' problem. The issue is that you can't test the network without logging into
to the desktop, and you can't login to the desktop because the error 'The security database on the server does not have a computer account for this workstation trust relationship.' keeps appearing, effectively locking you out.
To get around this, temporarily disable the network adapter on the virtual machine. Doing so will allow you to login to the Windows Server domain; once you're in, you can enable the network adapter again, ping the server, then go to the server and ping the virtual machine to ensure traffic is flowing both ways. For what it's worth, I always use "Bridged Networking" when using a virtual machine and VMWare Workstation as this connects directly to the physical network.
IMPORTANT: once you're at the desktop, you will want to name your virtual machine appropriately so it is not conflicting the the machine you just virtualized - otherwise Active Directory will get confused and lock you out of the network. To do so: click Start, then right click "My Computer" or "This PC", then click the link for "Advanced System Settings". The "System Properties" window will appear; click the "Computer Name" tab, then click the "Change..." button and make sure the name is unique for that computer. For example, if the machine you virtualized was called "Bob-P4" then you will want to name the virtual machine as "Bob-P4-VM", for example. Apply the changes; you will most likely need to reboot the virtual machine at this point - but before you do that, check Step #2, first.
- Another problem I've come across when it comes to networking is the use of "Home", "Work", and "Public"
networks in Windows 7, 8 and 10. If the virtual machine's network is set as "Public",
this can royally screw things up. In this case, Windows thinks your computer is connected to a WiFi hot spot (or similar), which then firewalls legitimate traffic, causing issues. To get around this, make sure that the virtual machine network is set as "Home" or "Work" and not "Public".
To verify this, right click on your network adapter (near the
clock), then choose "Open Network and Sharing Center". The
Network and Sharing Center will appear and will say whether or not your
adapter is connected to a "Public" or "Private" network.
Refer to this article
if you need to change the network from Public to Private (for Windows 7, 8
or 10).
- Now it's time to ensure there are no duplicate organizational units (OUs) within Active Directory, which can prevent the virtual machine from logging in. To do so:
login to the Windows Server, then click Start -> Administrative Tools ->
Active Directory Users and Computers. Here you will see a list of organizational units (OUs) of the existing machines connected to the domain controller.
Delete any objects related to the virtual machine you created -
including both the physical machine and the virtualized machine. For example: if the machine you virtualized was named "Bob-P4" and you also see "Bob-P4-VM",
delete them both. This effectively resets Active Directory for BOTH machines (the physical one as well as the virtualized one), which were most likely butting heads on the network and preventing you from logging in.
- At this point you should be ready to re-connect the virtual machine to the domain controller. Login to the virtual machine if you are not already - you may need to disable the network temporarily as I mentioned in Step #1. Once you are at the desktop, re-enable the network.
Next, click Start, then right click "My Computer" or "This PC", then click the link for "Advanced System Settings". The "System Properties" window will appear; click the "Computer Name" tab, then click the "Network ID..." button. This will start the "Join a Network or Domain" wizard. Click the option for "This computer is part of a business network; I use it to connect to other computers at work", then click "Next". On the following screen choose "My computer uses a network with a domain", then click "Next". Windows will tell you it needs some information, etc - click "Next", then enter in your user name, password, and domain to connect to. Click "Next" when finished.
Windows should now connect you directly to the domain controller and you should be able to log out, then log back in to the network without any issues.
I hope that helps!
Additional 1-on-1 Support: From Dennis
If all of this is over your head, or if you're still having issues with the error message: 'The security database on the server does not have a computer account for this workstation trust relationship.' - I can help using my remote desktop support service. Simply contact me, briefly describing the issue and I will get back to you as soon as possible.
Got a Computer Question or Problem? Ask Dennis!
I need more computer questions. If you have a computer question -- or even a computer problem that needs fixing -- please email me with your question so that I can write more articles like this one. I can't promise I'll respond to all the messages I receive (depending on the volume), but I'll do my best.
About the author: Dennis Faas is the owner and operator of Infopackets.com. With over 30 years of computing experience, Dennis' areas of expertise are a broad range and include PC hardware, Microsoft Windows, Linux, network administration, and virtualization. Dennis holds a Bachelors degree in Computer Science (1999) and has authored 6 books on the topics of MS Windows and PC Security. If you like the advice you received on this page, please up-vote / Like this page and share it with friends. For technical support inquiries, Dennis can be reached via Live chat online this site using the Zopim Chat service (currently located at the bottom left of the screen); optionally, you can contact Dennis through the website contact form.
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.