resetting OS X machine password in windows 2003 domain

I've got a MacBook Pro PPC that is bound to AD in a Windows 2003 domain -- unfortunately, a recent update seems to have broken the bind.  The user continued to "log in" to the domain using cached credentials and access the local home directory of her network user account.  Since she still received an IP and had internet access, it wasn't noticed that she couldn't access domain resources right away.  

My question -- if I unbind and rebind the Macintosh from AD, will their be any affect on the locally stored network user files?  Or, is it possible to reset/sync the machine account?  Rebinding seems the simplest solution, but I don't want to risk the user's locally stored preferences and files.  To complicate matters, MacAdmit is installed, so it created an alternate directory for the domain.  MacAdmit's configuration tool in Direcdtory Access did allow me to verify that the machine account password is what's causing the problem.  Assuming it sees the domain as the same domain (which it should), will this overwrite or erase files already stored locally>
Who is Participating?
b3owolfConnect With a Mentor Commented:
We have had this problem in the past at my site. Users would have bind break and not notice for months, finally reporting that there was an issue. We were always able to just rebind without any ill effects or lost files. The keychain password will have to be updated as this is not dynamic in a Windows AD environment. If rebinding gives you an issue make sure you are at 10.5.5 or greater before rebinding, there was an issue with AD in previous versions. Good luck!
cathynAuthor Commented:
I wanted to clarify that MacAdmit shows as an additional item in Directory Access, and is what allowed me to verify that the machine password is what was causing the connection failure.  Since AdmitMac lists the domain that is defined in the Active Directory item of Directory access, rebinding seems like an option.  Only problem is the domain is stored as a SID the ways Windows does rather than by the name (which wouldn't change when unbound/rebound).
cathynAuthor Commented:
Thanks for your help -- had a feeling that was the case but wasn't sure enough to feel comfortable moving forward!
cathynAuthor Commented:
Thanks for your help.  "Unbinding" did not delete any of the network users files.

Note that I also discovered that AppleShare between domain OSX computers seems to note user sids but doesn't seem to apply machine passwords.  I was able to connect the OSX laptop with a corrupt machine account to another OSX laptop in the same domain via AppleShare -- connected directly to the user's home area on the OSX machine.  

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.