"Trust relationship between ... and the primary domain failed" in MVC5 Authentication

So, based on my EDIT, I've modified my _Layout.cshtml so that instead of having

@if(User.IsInRole("Admin"))  {...}

I have

@if(User.Identity.IsAuthenticated && User.IsInRole("Admin")) {...}

which seems to solve the problem.

I believe the problem was that ASP .NET Identity uses an empty WindowsIdentity when no user is authenticated and when I try to check for the User.IsInRole, then it will try to check the roles of a WindowsIdentity against an Active Directory that I don't have. Obviously I should first check if the user is even logged in before attempting to check its roles, so mea culpa.

But, even though the change above seems to fix my code, I'd be very interested in knowing more about this behavior: why is it using an empty System.Security.Principal.WindowsIdentity when no user is authenticated. I'll accept any answer which explains that.

I've had this issue - It failed for me if I tested an active directory group that didn't exist.

Make sure you're using a group that exists!

I was having this issue with Asp.Net Core 3.1 with Windows Authentication, but this thread came up first when searching the internet. I ended up resolving the issue by decorating the controller class declaration with the following:

using Microsoft.AspNetCore.Authorization;
[Authorize]
    public class SetupController : Controller

Hope this is helpful for someone that is using Windows Authentication and is having the same error.