Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

AD Computer Account Password Reset Question

Posted on 2015-02-04
4
Medium Priority
?
92 Views
Last Modified: 2016-06-23
Once you have reset a computer account in AD what is the password? Does the password default back to the hostname?
0
Comment
Question by:Xytras1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40590072
The computer passwords are something that Users will never know. This is a secure password (token) between the computer itself and the domain. Every 30 days this password automatically gets changed. This password also acts as a trust/secure channel with the computer and domain.

For more info on this computer password reset see the below link...
http://support.microsoft.com/kb/216393

Will.
0
 
LVL 3

Expert Comment

by:Rezwan Islam
ID: 40590081
Interesting question. I actually thought it resets to a new password which both Domain Controller and the computer objects use to reinstate communication. Never wondered what that password could be. You can set it to the same password using a VBscript though.

Dim objComputer

Set objComputer = GetObject("LDAP://CN=computername,DC=YOURDOMAIN,DC=COM")
objComputer.SetPassword "computername$"

Wscript.Quit
0
 
LVL 34

Expert Comment

by:it_saige
ID: 40590179
*No Points*

For a clarity, consider the following:
In Windows NT 4.0 and earlier, when an account is created for a
computer, the name of the account is set to the computer name (NetBIOS
style flat name), followed by the dollar sign ("$"), and the password is
set to the lowercase computer name.
(...)
(...)
In Active Directory and later, when an administrator creates a new
computer account, he can choose whether this account is created for a
legacy Windows client (pre-Windows 2000) or a new type of client
(Windows 2000 or later).  If the account is created for a legacy client, then
the computer account and password are set as described above to allow
for compatibility with older operating systems.  However, if the account
is created for a new operating system, then the computer account name
will be set to the computer name, followed by the dollar sign ("$").

However, unlike legacy clients the password will be set to a random
string longer than 14 characters, so a LM password hash will not be
generated for this computer account.
Source - Mechanics of User Identification and Authentication

-saige-
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question