Disable Automatic Machine password changes

Workstations, Member servers, and Trusts all have a representative object in eDirectory/DSfW. That object has a randomly set password when the workstation or server is joined to the domain or when a cross forest trust is established. The workstation, server, or trust will rest that password every 30 days.

Some times that password does not make it to the object in eDirectory/DSfW and there for is not changed in the directory, but the Machine thinks it has been changed.

An option is to disable this functionality from the machine. For a windows workstation or server joined to the domain, along with the AD DC to where the cross forest trust is established, you can disable the automatic machine password change.

Here are the steps.

Start Registry Editor. (Start, Run, type regedit in the Open box)
Locate and then click the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
In the right pane, click the

DisablePasswordChange entry.
On the Edit menu, click Modify.
In the Value data box, type a value of 1, and then click OK.
Quit Registry Editor.

DSfW Dude.com

Domain Services for Windows Videos and Info

Menu

Search

Downloads

Documentation

Citrix

VMWare

Books

Archives

Disable Automatic Machine password changes

Start Registry Editor. (Start, Run, type regedit in the Open box)

Locate and then click the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

In the right pane, click the

DisablePasswordChange entry.

On the Edit menu, click Modify.

In the Value data box, type a value of 1, and then click OK.

Quit Registry Editor.

One Response to Disable Automatic Machine password changes

Recent Posts

Categories

CoolSolutions

TIDs

Forum

MS Knowledge base