+ Reply to Thread
Results 1 to 2 of 2
  1. Senior Member
    Join Date
    Mar 2006
    Location
    Boston / Seattle
    Posts
    197

    Certifications
    CCNA, MCP (70-270, 70-290, 70-291) Working on MCSE:Security
    #1

    Default ADUC / DSMOD / NetDOM - Reset a DC

    A question in the MS Press book (70-290) says that a DC is not replicating with other controllers. It says that the computer account needs to be reset. It then gives you the choices of :

    1) Reset it in Active Directory Users and Computers
    2) On the Domain Controller CMD using DSMOD
    3) On the Domain Controller CMD using Netdom
    4) Recovery console

    The correct answer in the book is Netdom, but why couldn't I use DSMOD or ADUC?
    Reply With Quote Quote  

  2. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #2
    Netdom is used to reset a Domain Controller computer account password (Computer accounts have passwords just as user accounts do). We just don't have a level of control over computer passwords as we do with user passwords. ADUC can be used to reset only a user account, workstation computer accounts, and member server computer accounts. The same goes for DSMOD. The ONLY way to reset a Domain Controller computer account, is by using NETDOM. The problem lies mostly that when you reset a computer account, you have to rejoin it to the domain. Now with a DC, it is what is hosting the domain, so it can't take advantage of a normal computer account reset. Therefore you have to use NETDOM in this instance to do a special computer account reset.

    NETDOM RESETPWD Resets the machine account password for the domain controller
    on which this command is run. Currently there is no support for resetting
    the machine password of a remote machine or a member server. All parameters
    must be specified.

    http://support.microsoft.com/kb/260575
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks