Can't you just right-click on the machine in ADUC and select "reset account"?
Klint Martin Blackstone wrote: > > Thanks Michael. > > > > *From:* Michael B. Smith [mailto:[EMAIL PROTECTED] > *Sent:* Friday, September 05, 2008 1:54 PM > *To:* NT System Admin Issues > *Subject:* RE: Domain Offline More than 2 Months > > > > <lecture mode on> > > When a Windows computer joins a domain, it establishes a /secure > channel/ with the directory service (be it the NT directory or Active > Directory). This secure channel is used to pass information, using a > specific cryptographic method, between the Windows computer and a > domain controller (or between domain controllers in different > domains). In Windows NT, the cryptographic method was based on NTLM. > In Windows 2000 and above, it is based on Kerberos. > > > > By default, and behind the scenes, Windows automatically changes the > password it uses to establish this secure channel every 7 -- 30 days > (another value that has changed over the years). Within that lifetime > times 2, a machine is allowed to automatically resync to a new > password. Outside of that, the secure channel must be reset. > > > > The standard way of resetting a secure channel is to remove the > Windows computer from the domain and then rejoin it. However, there > are two tools that can do it as well. They are nltest.exe and netdom.exe. > > </lecture mode off> > > > > http://support.microsoft.com/default.aspx/kb/260575/EN-US/ for netdom and > > > > http://support.microsoft.com/kb/181171 for nltest. > > > > Regards, > > > > Michael B. Smith > > MCITP:SA,EMA/MCSE/Exchange MVP > > http://TheEssentialExchange.com > > > > *From:* Martin Blackstone [mailto:[EMAIL PROTECTED] > *Sent:* Friday, September 05, 2008 4:40 PM > *To:* NT System Admin Issues > *Subject:* RE: Domain Offline More than 2 Months > > > > Thanks Michael, > > Can you elaborate a bit more on that? > > > > *From:* Michael B. Smith [mailto:[EMAIL PROTECTED] > *Sent:* Friday, September 05, 2008 1:33 PM > *To:* NT System Admin Issues > *Subject:* RE: Domain Offline More than 2 Months > > > > Seems to me that if you have a single DC that holds all the FSMO > roles, that one should still be able to log in. > > > > Then you could reset the secure channels for each computer using > nltest or netdom. > > > > Regards, > > > > Michael B. Smith > > MCITP:SA,EMA/MCSE/Exchange MVP > > http://TheEssentialExchange.com > > > > *From:* Martin Blackstone [mailto:[EMAIL PROTECTED] > *Sent:* Friday, September 05, 2008 4:28 PM > *To:* NT System Admin Issues > *Subject:* Domain Offline More than 2 Months > > > > So we talked about this a while back and today I got a call from > someone who has a lab network that has been off at least two months (I > swear it's not me!). As you can imagine nothing works now. > > Before I tell him he is SOL, is there any magic bullet for this? > > > > *From:* Michael B. Smith [mailto:[EMAIL PROTECTED] > *Sent:* Tuesday, August 12, 2008 3:45 PM > *To:* NT System Admin Issues > *Subject:* RE: DC Offline > > > > The default tombstone lifetime is 60 days. Unless you changed it (not > advisable) it is either that, or higher (don't ask -- there was a bug > that made it 180 for awhile). > > > > Regards, > > > > Michael B. Smith > > MCITP:SA,EMA/MCSE/Exchange MVP > > http://TheEssentialExchange.com > > > > *From:* Martin Blackstone [mailto:[EMAIL PROTECTED] > *Sent:* Tuesday, August 12, 2008 6:37 PM > *To:* NT System Admin Issues > *Subject:* DC Offline > > > > I know we have discussed this before, but I probably didn't pay > attention and now I need to know. > > How long can a DC remain offline before it goes sour? I have a need to > build a small network then ship it off somewhere. It may end up > staying in the crate for a few days as well, so let's say it could be > off for a week. > > It would be a standalone domain and this would be the only DC for it. > > Its demo stuff.... > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
