Reconnect Computer to Domain when local admin PW not known
At a customer site in Australia I have come across a problem where the local ABB organisation did not provide the customer with a local user/password for the 800xA nodes, at least not that can be found at the customer or by the local ABB when the question was asked. As a result, two clients that lost their domain connection when the DCs drifted apart time wise (this issue has been corrected and the DCs are again talking to each other) are useless. Is there a way around this short of getting some password cracking tool?
The system is 800xA 5.1 Rev. A
Likely, the machine account password has been changed two times without the domain member being updated with the new. The DC automatically changes the machine account password every 30 days but allows the previous to be used as a backup plan.
After 60 days (two 30 day periods) a disconnected client will not be able to authenticate with the domain.
I'm not sure if you can use NETDOM.EXE /RESETPWD in some form to fix this without first having cracked yourself into the dismembered computer.
Normally, NETDOM.EXE /RESETPWD is needed on a domain controller (which lacks local users and hence backdoors).
Many are used to the workaround "rejoin the domain by temporarily move the computer to a workgroup and then back to the domain again". But you need to be able to login to perform that...
Thanks, Stefan. For some reason I did not get notification from AKS that there was an answer there. Yes, one of the computers has been off the domain since at least 2016, the other one since at least February this year. There are some information out there about how to get in there (reset admin PW a.s.o.), because you do need to get in the local machine. I will pass on your information to the client.