Hello,
I'm running PingCastle audits of my samb4 Active Directory to improve my security posture.
However, I'm encountering a problem resolving the "Check if all DCs are using regular password change practices" error
(https://www.cert.ssi.gouv.fr/uploads/gu ... _no_change)
. In short, I've tried the following commands to reset my DC passwords without success and without any error messages: `
Reset-ComputerMachinePassword -Server DC3 -Credential DOM\ADMIN_DOM`
or
`netdom.exe resetpwd /s:dc1 /ud:DOM\ADMIN_DOM /pd:*`
Type the password associated with the domain user:
The local computer account password has been reset.
The operation completed successfully.
But without any results, the date on the DCs remains unchanged:
Domain controller LastChange
DC3 2018-03-01 13:48:10Z
DC2 2018-07-04 11:46:16Z
DC1 2018-04-20 08:58:13Z
Does anyone have a working solution to reset the DC passwords?
Samba version 4.15.13 - Debian
Debian 10.13
Thanks in advance
, Eric
[RESOLVED] Resetting SAMBA4 DC passwords
-
dcardon
- WAPT Expert
- Messages: 1929
- Registration: June 18, 2014 - 09:58
- Location: Saint Sébastien sur Loire
- Contact :
Good morning,
Netiquette dictates that you shouldn't post the same question on two different channels (i.e., cross-posting between Discord and the forum). It wastes people's time and is considered impolite.
so you can watch
Sincerely,
Denis
Netiquette dictates that you shouldn't post the same question on two different channels (i.e., cross-posting between Discord and the forum). It wastes people's time and is considered impolite.
so you can watch
Code: Select all
https://gitlab.com/samba-team/samba/-/blob/samba-4.15.13/source4/scripting/devel/chgtdcpassDenis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
