If I restore computers container in to AD from backup will it replicate to all other DC's ?

We currently have the AD installed on several servers across multiple sites.  Last week one of our administrators ran a script to change the local admin password on all member workstations.  The script went wrong and it changed the password of the workstation's in the computers container, meaning none of our workstation in the COMPUTERS conatiner could authenticate to the domain.

We decided the quickest way to rectify the problem was to re-joint the for domain each PC (a big job).

I am currently backing up one DC with Veritas BE 9.1.   If I had restored the computers container from a recent backup, would the restored data have replicated to all other DCs or would they have sent an over-write to the data I restored as they would consider them seleves to have more recent data ?
Who is Participating?
Toni UranjekConnect With a Mentor Consultant/TrainerCommented:
I'm not sure that authoritative restore of AD would help in your case, but I believe that before you start rejoining computers to domain that you try to reset machine account with netdom:

netdom resetpwd /server:<servername> /userd:<username>\Administrator /passwordd:*

You need to run this Netdom command on the machine for which you want to change the password. The server must be a domain controller in the domain, and the user must have a domain account with administrative privileges over the machine account whose password youre changing.

You need to restart the machine for the password change to take effect. Simultaneously resetting the password on the local machine and a domain controller ensures that the two computers involved in the operation are synchronized, and starts AD replication so that other domain controllers receive the change.
Toni UranjekConsultant/TrainerCommented:

Post the contents of the script. If you changed workstation passwords with netdom I don't believe that restoring AD would help, you have to reset workstations passwords.

stemcAuthor Commented:
Hi Toni,

The script was as below, but was ran on every item in the computers container :

For Each objComputer in colComputers
          strComputer = objComputer.CN
                if objComputer.Name = "CN=IS-PC" then
                  Wscript.Echo strComputer
                  wscript.Echo objComputer.Name
                  objComputer.SetPassword strPassword
                  Wscript.Echo "nada"
      end if

Many thanks
stemcAuthor Commented:
Thanks for the prompt response Toni,

We have already re-joined the domain on the PC's and we will be sure never to run that particular script again !  So in theory I will never get chance to use the Netdom command.

The main thing I needed to know, you have answered !  That is ....... A restore of the computers container would not have worked.

Thanks again,

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.