The bascs of managing computer Active Directory accounts

Active Directory employs computer domain accounts in much the same way as it does user accounts. Computer domain accounts specify which systems belong to the domain and identify which AD containers they belong to (i.e. domain, site and organizational units). As an administrator, you can always alter a computer account's container placement. But for the most part, once a computer domain account is created when a new computer joins the domain, AD itself takes on the responsibility of maintaining that account. Each time the computer boots, it authenticates itself to the domain. But occasionally AD will change each computer account's domain password automatically. When problems occur, you will need to reset the computer account.

Resetting the computer account is basically a re-creation of a new computer account and a deletion of the old one. This activity breaks the link between the computer and the domain. This requires that you join the computer to a workgroup, then re-join the domain into the reset computer account. Resetting the computer account can be performed in either of two ways. First, you can use the Active Directory Users and Computers interface by right-clicking over a computer name and selecting Reset from the pop-up menu. Secondly, you can use the command line: dsmod computer <systemname> -reset, where <systemname> is the name of the computer account to reset.

If you fail to leave and re-join the domain after resetting a computer account,

Requires Free Membership to View

the computer will be unable to authenticate to the domain. This results in preventing valid domain user accounts from logging in on the computer as well.

James Michael Stewart is a partner and researcher for Itinfopros, a technology-focused writing and training organization.

This was first published in September 2003

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.