February 12, 2013

Active Directory - Resetting Secure Channel

The Active Directory Users and Computers snap-in or dsmod can be used to reset a computer account. Both methods require rejoining the computer to the domain:
dsmod computer "Computer DN" -reset

To verify the secure channel for Server1 in the example.local domain, the nltest utility can be used
(without rejoining the computer to the domain):
nltest /server:Server1 /sc_query:example.local
Resetting the secure channel:
nltest /server:Server1 /sc_reset:example.local

The secure channel can also be reset with netdom (without rejoining the computer to the domain):
netdom reset Server1 /Domain:example.local /UserO:Administrator@example.local /PasswordO:*

* - means that a prompt will appear asking for the password
Server1 - name of computer object
example.local - Active Directory domain name
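
The verify-then-reset sequence above can be scripted so that the reset only runs when the query reports a broken channel. This PowerShell sketch is an added example, not part of the original post; the function names are hypothetical, and it assumes nltest prints its usual "Status = <code> 0x<hex> <NAME>" line.

```powershell
# Added example. Assumes nltest.exe is on PATH and reports a line of the form
# "Status = <code> 0x<hex> <NAME>" (assumption about the output format).

function Get-ScStatus {
    # Extract the status code and symbolic name from nltest output lines.
    param([string[]]$NltestOutput)
    foreach ($line in $NltestOutput) {
        if ($line -match 'Status\s*=\s*(\d+)\s+0x[0-9a-fA-F]+\s+(\S+)') {
            return [pscustomobject]@{ Code = [int]$Matches[1]; Name = $Matches[2] }
        }
    }
    return $null   # no status line found: treat the result as unknown
}

function Repair-SecureChannel {
    # Query first; reset only when the query does not report success.
    param([string]$Server, [string]$Domain)
    $query  = & nltest.exe "/server:$Server" "/sc_query:$Domain" 2>&1 | ForEach-Object { "$_" }
    $status = Get-ScStatus $query
    if ($status -and $status.Code -eq 0) {
        return "OK: $Server secure channel to $Domain is healthy"
    }
    $reset = & nltest.exe "/server:$Server" "/sc_reset:$Domain" 2>&1 | ForEach-Object { "$_" }
    $after = Get-ScStatus $reset
    if ($after -and $after.Code -eq 0) {
        return "RESET: $Server secure channel to $Domain re-established"
    }
    return "FAILED: $Server still broken; resetting the computer account and rejoining may be required"
}

# Constructed sample output (not captured from a real host) to exercise the parser.
$sampleOk = @(
    'Flags: 30 HAS_IP  HAS_TIMESERV',
    'Trusted DC Name \\dc1.example.local',
    'Trusted DC Connection Status Status = 0 0x0 NERR_Success',
    'The command completed successfully'
)
$sampleBad = @('I_NetLogonControl failed: Status = 5 0x5 ERROR_ACCESS_DENIED')
Get-ScStatus $sampleOk
Get-ScStatus $sampleBad

# Live use against the host and domain named in the post:
# Repair-SecureChannel -Server Server1 -Domain example.local
```

Logging the returned string per host gives a record of which machines needed a reset, which is useful when many secure channels break at once.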

