Options
ADUC / DSMOD / NetDOM - Reset a DC
nuglobe
Member Posts: 190
A question in the MS Press book (70-290) says that a DC is not replicating with other controllers. It says that the computer account needs to be reset. It then gives you the choices of :
1) Reset it in Active Directory Users and Computers
2) On the Domain Controller CMD using DSMOD
3) On the Domain Controller CMD using Netdom
4) Recovery console
The correct answer in the book is Netdom, but why couldn't I use DSMOD or ADUC?
1) Reset it in Active Directory Users and Computers
2) On the Domain Controller CMD using DSMOD
3) On the Domain Controller CMD using Netdom
4) Recovery console
The correct answer in the book is Netdom, but why couldn't I use DSMOD or ADUC?
GenshiroGuide: My blog about things I found useful. Now with videos. 
Comments
-
Options
royal
Member Posts: 3,352 ■■■■□□□□□□
Netdom is used to reset a Domain Controller computer account password (Computer accounts have passwords just as user accounts do). We just don't have a level of control over computer passwords as we do with user passwords. ADUC can be used to reset only a user account, workstation computer accounts, and member server computer accounts. The same goes for DSMOD. The ONLY way to reset a Domain Controller computer account, is by using NETDOM. The problem lies mostly that when you reset a computer account, you have to rejoin it to the domain. Now with a DC, it is what is hosting the domain, so it can't take advantage of a normal computer account reset. Therefore you have to use NETDOM in this instance to do a special computer account reset.NETDOM RESETPWD Resets the machine account password for the domain controller
on which this command is run. Currently there is no support for resetting
the machine password of a remote machine or a member server. All parameters
must be specified.
http://support.microsoft.com/kb/260575“For success, attitude is equally as important as ability.” - Harry F. Banks