If I restore computers container in to AD from backup will it replicate to all other DC's ?

Posted on 2007-08-06
Last Modified: 2013-12-01
We currently have the AD installed on several servers across multiple sites.  Last week one of our administrators ran a script to change the local admin password on all member workstations.  The script went wrong and it changed the password of the workstation's in the computers container, meaning none of our workstation in the COMPUTERS conatiner could authenticate to the domain.

We decided the quickest way to rectify the problem was to re-joint the for domain each PC (a big job).

I am currently backing up one DC with Veritas BE 9.1.   If I had restored the computers container from a recent backup, would the restored data have replicated to all other DCs or would they have sent an over-write to the data I restored as they would consider them seleves to have more recent data ?
Question by:stemc
    LVL 31

    Expert Comment

    by:Toni Uranjek

    Post the contents of the script. If you changed workstation passwords with netdom I don't believe that restoring AD would help, you have to reset workstations passwords.


    Author Comment

    Hi Toni,

    The script was as below, but was ran on every item in the computers container :

    For Each objComputer in colComputers
              strComputer = objComputer.CN
                    if objComputer.Name = "CN=IS-PC" then
                      Wscript.Echo strComputer
                      wscript.Echo objComputer.Name
                      objComputer.SetPassword strPassword
                      Wscript.Echo "nada"
          end if

    Many thanks
    LVL 31

    Accepted Solution

    I'm not sure that authoritative restore of AD would help in your case, but I believe that before you start rejoining computers to domain that you try to reset machine account with netdom:

    netdom resetpwd /server:<servername> /userd:<username>\Administrator /passwordd:*

    You need to run this Netdom command on the machine for which you want to change the password. The server must be a domain controller in the domain, and the user must have a domain account with administrative privileges over the machine account whose password youre changing.

    You need to restart the machine for the password change to take effect. Simultaneously resetting the password on the local machine and a domain controller ensures that the two computers involved in the operation are synchronized, and starts AD replication so that other domain controllers receive the change.

    Author Comment

    Thanks for the prompt response Toni,

    We have already re-joined the domain on the PC's and we will be sure never to run that particular script again !  So in theory I will never get chance to use the Netdom command.

    The main thing I needed to know, you have answered !  That is ....... A restore of the computers container would not have worked.

    Thanks again,


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    How to fix error ""Failed to validate the vCentre certificate. Either install or verify the certificate by using the vSphere Data Protection Configuration utility" when you are trying to connect to VDP instance from Vcenter.
    By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
    This tutorial will show how to inventory, catalog, and restore media from legacy versions of Backup Exec into both 2012 and 2014 versions of the software. Select Storage from the tabs along the ribbon bar as the top: Ensure the proper storage devi…
    The viewer will learn how to download and install Comodo Backup on Windows 7. Comodo Backup is another solution for backing up your computer. It is free for local backup and online backup has differing amounts depending on storage required. In my op…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now