Forum Discussion
DavidYorkshire
Jan 06, 2025 Steel Contributor
W11 24H2 - Trust relationship breaking with hybrid-joined machines
Has anyone else encountered the issue whereby when the 24H2 update installs on a hybrid-joined machine (Intune / local AD), the trust relationship with the local AD becomes broken, and the only way to log into the machine is using a local admin account (if one exists), and then repair the trust using the Test-ComputerSecureChannel -Repair command?
It seems to happen consistently with all our hybrid-joined machines immediately after the update has installed.
- Koopa Copper Contributor
Is there any news on this issue? Unfortunately, we are currently blocked in our company with the Windows 11 migration. There is still no solution from Microsoft Support. There are only 8 months left until October 14, 2025 and we have almost 2000 Windows 10 upgrades pending.
- Koopa Copper Contributor
We have the same problem with in-place upgrade from Windows 10 to Windows 11 24H2. Interestingly, it does not affect every in-place upgrade. Out of about 50 upgrades, I have the problem 3 times. Unfortunately we have not found a workaround either. Does anyone have a workaround? Today I also opened a ticket with Microsoft.
- Anthonymelwhrhs Steel Contributor
Yes we have this issue too. After a restart we are seeing NETLOGON errors 5719 and 5720. It also seems to be affecting NTP via Time-Service error 130 when attempting to communicate with our DC.
This is happening for both new deployments and in-place upgrades from 11 23H2. Machines on 23H2 do not have these errors.
- DustinK Copper Contributor
Yes we have, whether an in-place upgrade or a fresh 24H2 image install.
What we have found is the Netlogon service is not able to connect/authenticate with our domain controllers. You can easily test this by stopping and starting the Netlogon service, then checking the System event logs, and you should see the event 5719 failure.
We have an open support ticket regarding the issue; hopefully we come to a solution soon. In the meantime we have put a halt to 24H2 installs in our environment.
- jensstevens Copper Contributor
I have done upgrades from Windows 10 to Windows 11 24H2 while hybrid joined.
I always ask for too much information, but better too much than too little.
- What OS and version was the device running before the upgrade?
- Are all updates installed before the upgrade?
- What brand, model and what kind of device? (laptop, desktop, tablet, ...)
- Do you see anything in the logs? Check the Netlogon logs.
- Can you join a clean-installed Windows 11 24H2 device to your domain without any issue?
- Are there devices that do not have this issue, if so what are the differences between them?
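The checks described across this thread (secure channel state, NETLOGON events 5719/5720, Time-Service event 130, and the Netlogon restart test) can be gathered in one pass. The script below is an added example, not code posted by any participant; its parameter names, the 24-hour lookback and the 30-second wait are assumptions. It does not run the repair.

```powershell
#Requires -RunAsAdministrator
# Added example: collects the symptoms reported in this thread on one machine.
param(
    [int]$LookbackHours = 24,   # assumption: how far back to search the System log
    [switch]$RestartNetlogon    # reproduce the failure by restarting Netlogon first
)

$cs = Get-CimInstance -ClassName Win32_ComputerSystem
$os = Get-CimInstance -ClassName Win32_OperatingSystem

if ($RestartNetlogon) {
    # Only look at events logged after the restart, as in the test described above.
    $since = Get-Date
    Restart-Service -Name Netlogon -Force
    Start-Sleep -Seconds 30     # assumption: time for Netlogon to try the DC
} else {
    $since = (Get-Date).AddHours(-$LookbackHours)
}

# Event IDs named in the thread. The provider is filtered afterwards so that an
# unrelated provider reusing ID 130 in the System log is not counted.
$filter = @{ LogName = 'System'; Id = 5719, 5720, 130; StartTime = $since }
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.ProviderName -match 'NETLOGON|Time-Service' })

# Read-only check: without -Repair this only reports the secure channel state.
try   { $channelOk = Test-ComputerSecureChannel -ErrorAction Stop }
catch { $channelOk = $false }

[pscustomobject]@{
    Computer        = $env:COMPUTERNAME
    Domain          = $cs.Domain
    PartOfDomain    = $cs.PartOfDomain
    OSBuild         = $os.BuildNumber
    SecureChannelOk = $channelOk
    Netlogon5719    = @($events | Where-Object Id -eq 5719).Count
    Netlogon5720    = @($events | Where-Object Id -eq 5720).Count
    TimeService130  = @($events | Where-Object Id -eq 130).Count
    Since           = $since
}

# Full event text for a support ticket or for comparing affected and unaffected devices.
$events | Sort-Object TimeCreated |
    Select-Object TimeCreated, ProviderName, Id, Message |
    Format-List
```

Running it on an affected and an unaffected device gives a like-for-like comparison of the kind asked for in the last post.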