Guest v2win Posted June 25, 2008 Posted June 25, 2008 Is resetting the secure channel on a domain member machine the same thing as resetting the secure channel? Using the <Netdom resetpwd> command, one can reset the password on a domain controller (which I believe will trigger replication to the other DCs). The <Netdom resetpwd> command is specific to DCs, per the tools description (via <Netdom resetpwd /?>. However, there is the <Netdom reset> command which is used to reset the secure channel between a member machine and a specified DC - is the "secure channel" reset actually just resetting the local machine's password in AD? -- Thanks, J
Guest v2win Posted June 25, 2008 Posted June 25, 2008 RE: Resetting machine account password Sorry, that should have read: Is resetting the secure channel on a domain member machine the same thing as resetting the machine's password? Using the <Netdom resetpwd> command, one can reset the password on a domain controller (which I believe will trigger replication to the other DCs). The <Netdom resetpwd> command is specific to DCs, per the tools description (via <Netdom resetpwd /?>. However, there is the <Netdom reset> command which is used to reset the secure channel between a member machine and a specified DC - is the "secure channel" reset actually just resetting the local machine's password in AD? -- Thanks, J -- V2 "v2win" wrote: > Is resetting the secure channel on a domain member machine the same thing as > resetting the secure channel? > > Using the <Netdom resetpwd> command, one can reset the password on a domain > controller (which I believe will trigger replication to the other DCs). > > The <Netdom resetpwd> command is specific to DCs, per the tools description > (via <Netdom resetpwd /?>. > > However, there is the <Netdom reset> command which is used to reset the > secure channel between a member machine and a specified DC - is the "secure > channel" reset actually just resetting the local machine's password in AD? > > > -- > Thanks, > J
Guest Paul Bergson [MVP-DS] Posted June 26, 2008 Posted June 26, 2008 Re: Resetting machine account password Check out nltest, I think that is what you are looking for. If you want to check to see if the secure channel between a machine and the domain is working properly. If you don't have the support tools installed, install them from your server install disk. d:\support\tools\setup.exe nltest /sc_verify:YourDomainName This should verify and if broken reset the trust between the client and the domain. /sc_reset -- Paul Bergson MVP - Directory Services MCTS, MCT, MCSE, MCSA, Security+, BS CSci 2008, 2003, 2000 (Early Achiever), NT4 http://www.pbbergs.com Please no e-mails, any questions should be posted in the NewsGroup This posting is provided "AS IS" with no warranties, and confers no rights. "v2win" <v2win@discussions.microsoft.com> wrote in message news:8D4D18AE-75FB-476A-86FD-BC452E386935@microsoft.com... > Sorry, that should have read: > > Is resetting the secure channel on a domain member machine the same thing > as > resetting the machine's password? > > Using the <Netdom resetpwd> command, one can reset the password on a > domain > controller (which I believe will trigger replication to the other DCs). > > The <Netdom resetpwd> command is specific to DCs, per the tools > description > (via <Netdom resetpwd /?>. > > However, there is the <Netdom reset> command which is used to reset the > secure channel between a member machine and a specified DC - is the > "secure > channel" reset actually just resetting the local machine's password in AD? > > > -- > Thanks, > J > -- > V2 > > > "v2win" wrote: > >> Is resetting the secure channel on a domain member machine the same thing >> as >> resetting the secure channel? >> >> Using the <Netdom resetpwd> command, one can reset the password on a >> domain >> controller (which I believe will trigger replication to the other DCs). >> >> The <Netdom resetpwd> command is specific to DCs, per the tools >> description >> (via <Netdom resetpwd /?>. >> >> However, there is the <Netdom reset> command which is used to reset the >> secure channel between a member machine and a specified DC - is the >> "secure >> channel" reset actually just resetting the local machine's password in >> AD? >> >> >> -- >> Thanks, >> J
Guest v2win Posted June 26, 2008 Posted June 26, 2008 Re: Resetting machine account password Paul, Thanks, but I am trying to learn if resetting the secure channel is the same thing as resetting the machine password. BTW, <netdom verify machinename> will also verify the secure channel and indicate with which DC the channel exists. -- V2 "Paul Bergson [MVP-DS]" wrote: > Check out nltest, I think that is what you are looking for. > > If you want to check to see if the secure channel between a machine and the > domain is > working properly. > > If you don't have the support tools installed, install them from your server > install disk. > d:\support\tools\setup.exe > > nltest /sc_verify:YourDomainName > > This should verify and if broken reset the trust between the client and the > domain. > > /sc_reset > > -- > Paul Bergson > MVP - Directory Services > MCTS, MCT, MCSE, MCSA, Security+, BS CSci > 2008, 2003, 2000 (Early Achiever), NT4 > > http://www.pbbergs.com > > Please no e-mails, any questions should be posted in the NewsGroup > This posting is provided "AS IS" with no warranties, and confers no rights. > > "v2win" <v2win@discussions.microsoft.com> wrote in message > news:8D4D18AE-75FB-476A-86FD-BC452E386935@microsoft.com... > > Sorry, that should have read: > > > > Is resetting the secure channel on a domain member machine the same thing > > as > > resetting the machine's password? > > > > Using the <Netdom resetpwd> command, one can reset the password on a > > domain > > controller (which I believe will trigger replication to the other DCs). > > > > The <Netdom resetpwd> command is specific to DCs, per the tools > > description > > (via <Netdom resetpwd /?>. > > > > However, there is the <Netdom reset> command which is used to reset the > > secure channel between a member machine and a specified DC - is the > > "secure > > channel" reset actually just resetting the local machine's password in AD? > > > > > > -- > > Thanks, > > J > > -- > > V2 > > > > > > "v2win" wrote: > > > >> Is resetting the secure channel on a domain member machine the same thing > >> as > >> resetting the secure channel? > >> > >> Using the <Netdom resetpwd> command, one can reset the password on a > >> domain > >> controller (which I believe will trigger replication to the other DCs). > >> > >> The <Netdom resetpwd> command is specific to DCs, per the tools > >> description > >> (via <Netdom resetpwd /?>. > >> > >> However, there is the <Netdom reset> command which is used to reset the > >> secure channel between a member machine and a specified DC - is the > >> "secure > >> channel" reset actually just resetting the local machine's password in > >> AD? > >> > >> > >> -- > >> Thanks, > >> J > > >
Guest Paul Bergson [MVP-DS] Posted June 26, 2008 Posted June 26, 2008 Re: Resetting machine account password Yes it is more or less the same. To establish a secure channel the machine has to logon to the domain. -- Paul Bergson MVP - Directory Services MCTS, MCT, MCSE, MCSA, Security+, BS CSci 2008, 2003, 2000 (Early Achiever), NT4 http://www.pbbergs.com Please no e-mails, any questions should be posted in the NewsGroup This posting is provided "AS IS" with no warranties, and confers no rights. "v2win" <v2win@discussions.microsoft.com> wrote in message news:DD510602-A838-4C42-906E-5705E3C95CBF@microsoft.com... > Paul, > > Thanks, but I am trying to learn if resetting the secure channel is the > same > thing as resetting the machine password. BTW, <netdom verify machinename> > will also verify the secure channel and indicate with which DC the channel > exists. > -- > V2 > > > "Paul Bergson [MVP-DS]" wrote: > >> Check out nltest, I think that is what you are looking for. >> >> If you want to check to see if the secure channel between a machine and >> the >> domain is >> working properly. >> >> If you don't have the support tools installed, install them from your >> server >> install disk. >> d:\support\tools\setup.exe >> >> nltest /sc_verify:YourDomainName >> >> This should verify and if broken reset the trust between the client and >> the >> domain. >> >> /sc_reset >> >> -- >> Paul Bergson >> MVP - Directory Services >> MCTS, MCT, MCSE, MCSA, Security+, BS CSci >> 2008, 2003, 2000 (Early Achiever), NT4 >> >> http://www.pbbergs.com >> >> Please no e-mails, any questions should be posted in the NewsGroup >> This posting is provided "AS IS" with no warranties, and confers no >> rights. >> >> "v2win" <v2win@discussions.microsoft.com> wrote in message >> news:8D4D18AE-75FB-476A-86FD-BC452E386935@microsoft.com... >> > Sorry, that should have read: >> > >> > Is resetting the secure channel on a domain member machine the same >> > thing >> > as >> > resetting the machine's password? >> > >> > Using the <Netdom resetpwd> command, one can reset the password on a >> > domain >> > controller (which I believe will trigger replication to the other DCs). >> > >> > The <Netdom resetpwd> command is specific to DCs, per the tools >> > description >> > (via <Netdom resetpwd /?>. >> > >> > However, there is the <Netdom reset> command which is used to reset the >> > secure channel between a member machine and a specified DC - is the >> > "secure >> > channel" reset actually just resetting the local machine's password in >> > AD? >> > >> > >> > -- >> > Thanks, >> > J >> > -- >> > V2 >> > >> > >> > "v2win" wrote: >> > >> >> Is resetting the secure channel on a domain member machine the same >> >> thing >> >> as >> >> resetting the secure channel? >> >> >> >> Using the <Netdom resetpwd> command, one can reset the password on a >> >> domain >> >> controller (which I believe will trigger replication to the other >> >> DCs). >> >> >> >> The <Netdom resetpwd> command is specific to DCs, per the tools >> >> description >> >> (via <Netdom resetpwd /?>. >> >> >> >> However, there is the <Netdom reset> command which is used to reset >> >> the >> >> secure channel between a member machine and a specified DC - is the >> >> "secure >> >> channel" reset actually just resetting the local machine's password in >> >> AD? >> >> >> >> >> >> -- >> >> Thanks, >> >> J >> >> >>
Guest v2win Posted June 26, 2008 Posted June 26, 2008 Re: Resetting machine account password Thank you, Paul. -- V2 "Paul Bergson [MVP-DS]" wrote: > Yes it is more or less the same. To establish a secure channel the machine > has to logon to the domain. > > -- > Paul Bergson > MVP - Directory Services > MCTS, MCT, MCSE, MCSA, Security+, BS CSci > 2008, 2003, 2000 (Early Achiever), NT4 > > http://www.pbbergs.com > > Please no e-mails, any questions should be posted in the NewsGroup > This posting is provided "AS IS" with no warranties, and confers no rights. > > "v2win" <v2win@discussions.microsoft.com> wrote in message > news:DD510602-A838-4C42-906E-5705E3C95CBF@microsoft.com... > > Paul, > > > > Thanks, but I am trying to learn if resetting the secure channel is the > > same > > thing as resetting the machine password. BTW, <netdom verify machinename> > > will also verify the secure channel and indicate with which DC the channel > > exists. > > -- > > V2 > > > > > > "Paul Bergson [MVP-DS]" wrote: > > > >> Check out nltest, I think that is what you are looking for. > >> > >> If you want to check to see if the secure channel between a machine and > >> the > >> domain is > >> working properly. > >> > >> If you don't have the support tools installed, install them from your > >> server > >> install disk. > >> d:\support\tools\setup.exe > >> > >> nltest /sc_verify:YourDomainName > >> > >> This should verify and if broken reset the trust between the client and > >> the > >> domain. > >> > >> /sc_reset > >> > >> -- > >> Paul Bergson > >> MVP - Directory Services > >> MCTS, MCT, MCSE, MCSA, Security+, BS CSci > >> 2008, 2003, 2000 (Early Achiever), NT4 > >> > >> http://www.pbbergs.com > >> > >> Please no e-mails, any questions should be posted in the NewsGroup > >> This posting is provided "AS IS" with no warranties, and confers no > >> rights. > >> > >> "v2win" <v2win@discussions.microsoft.com> wrote in message > >> news:8D4D18AE-75FB-476A-86FD-BC452E386935@microsoft.com... > >> > Sorry, that should have read: > >> > > >> > Is resetting the secure channel on a domain member machine the same > >> > thing > >> > as > >> > resetting the machine's password? > >> > > >> > Using the <Netdom resetpwd> command, one can reset the password on a > >> > domain > >> > controller (which I believe will trigger replication to the other DCs). > >> > > >> > The <Netdom resetpwd> command is specific to DCs, per the tools > >> > description > >> > (via <Netdom resetpwd /?>. > >> > > >> > However, there is the <Netdom reset> command which is used to reset the > >> > secure channel between a member machine and a specified DC - is the > >> > "secure > >> > channel" reset actually just resetting the local machine's password in > >> > AD? > >> > > >> > > >> > -- > >> > Thanks, > >> > J > >> > -- > >> > V2 > >> > > >> > > >> > "v2win" wrote: > >> > > >> >> Is resetting the secure channel on a domain member machine the same > >> >> thing > >> >> as > >> >> resetting the secure channel? > >> >> > >> >> Using the <Netdom resetpwd> command, one can reset the password on a > >> >> domain > >> >> controller (which I believe will trigger replication to the other > >> >> DCs). > >> >> > >> >> The <Netdom resetpwd> command is specific to DCs, per the tools > >> >> description > >> >> (via <Netdom resetpwd /?>. > >> >> > >> >> However, there is the <Netdom reset> command which is used to reset > >> >> the > >> >> secure channel between a member machine and a specified DC - is the > >> >> "secure > >> >> channel" reset actually just resetting the local machine's password in > >> >> AD? > >> >> > >> >> > >> >> -- > >> >> Thanks, > >> >> J > >> > >> > >> > > >
Recommended Posts