Solved

How to prepopulate user and computer passwords on RODC using any kind of script?

Posted on 2009-05-13
5
1,045 Views
Last Modified: 2012-05-06
Hello,

I'm looking for any scripted solution, that would allow me to prepopulate user and computer passwords on particular RODC.
I know I can't use groups to prepopulate the passwords for multiple users at once, but I guess (hope) there is some way, how to prepopulate passwords for users in some input txt or csv file.
I'm familiar with VBS and PowerShell and I'm not asking directly for entire script - just if someone could point me to a proper method or object that can be used to achieve this.

Thank you in advance
Martin
0
Comment
Question by:martin_babarik
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 15

Expert Comment

by:zelron22
ID: 24379176
RODC's are for branch offices that are part of an existing domain.  You can't have one be the only domain controller in a domain because you can't write to it.

Assuming that it's part of a larger domain, then all you need to do is promote it as an RODC and it should replicate AD from other DCs.

0
 
LVL 15

Expert Comment

by:zelron22
ID: 24379185
You can use LDIFDE to populate passwords, to answer part of your question.

http://support.microsoft.com/kb/237677
0
 
LVL 13

Author Comment

by:martin_babarik
ID: 24379242
Sorry but this is incorrect information. RODCs does not repliacte entire AD database - there are no passwords stored on DC. If you want to have some passwords stored, you need to add them manually in the properties of the RODC computer account.

I'm not asking about how to populate passwords for user account generally in AD.
The question is: how to PREpopulate passwords on RODC - it means how to populate the list of passwords that are stored on RODC (by default RODC doesn't contain ANY password).
0
 
LVL 15

Accepted Solution

by:
zelron22 earned 500 total points
ID: 24379347
Whoops, my mistake.

I found this.  If you have a list of users, you could use this with a for-in-do command to get them all.-

http://windowsitpro.com/article/articleid/100024/q-how-can-i-pre-populate-a-specific-users-credentials-on-a-read-only-domain-controller-rodc.html
0
 
LVL 13

Author Closing Comment

by:martin_babarik
ID: 31581140
Oops I'm so sorry, it happened somehow that I overlooked your solution, my apology.
Thank you very much.

Martin
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question