After upgrading all Domain Controllers to Server 2025 in the domain, older Window 10/11 Clients might lose trust relationship to the domain. The classic error “The trust relationship between the workstation and the primary domain failed” appears when trying to login. This happens because computers change their password every 30 days by default and because of new security protocols that are not supported by Windows 11 23H2 and older clients, this password change fails and the relationship breaks.
The simple solution is to upgrade all clients to 24H2 or newer. 🙂
References: