When a trust is set up between Windows NT domains, a trust password is setup with the Trusting domain using a password and the Trusted domain has the trust password in its SAM. Both trust passwords and secure channel passwords can and do get out of synch. When this happens for trusts, the ability to authenication trusted users fails. When this happens to member servers, the domain netlogon service gets disabled and one can only login with a local account and access to resources fail due to failed authenication channel. These secret password problems can be resolved by Netdom .
If these problems become frequent due to network instabilities, you can make the passwords static, that is disable the periodic changes. To disable password changes apply to domain controller ( trusted ):
You can also extend the number of days between changes by applying to domain controllers and workstations (sounds like a LOT of work):
Value: #days up to 1,000,000
IF you do a search on Microsoft, there are many articles on secure channels and trust passwords.