No announcement yet.

copypwd for machine accounts

  • Filter
  • Time
  • Show
Clear All
new posts

  • copypwd for machine accounts

    This is a great utility, but I can't get it to work for setting machine passwords.

    Further, I can only get a list of machine passwords when I run this utility on my domain controller.

    Running the utility on a member server only shows the local users accounts, not the machine account.

    Does anyone know of a way to input the machine account pw?

    This will be extremely helpful inour disater recovery hot site!!


  • #2
    Re: copypwd for machine accounts

    I am not sure of the answer, as I don't know what the password is on machine accounts. By default, they are set to the name of the computer ending in a '$' sign, subject to length restrictions. See the samaccountname attribute in Active Directory to see what it is.

    Local member servers would not have machine accounts, as the accounts for computers would only be in the domain.

    I just now realized that computers change their password based on a random interval. The problem is that the password is stored somewhere on the local computer and the domain controller, and you would have to restore it in both places.

    I think; I am not sure.
    Kevin Stanush
    SystemTools Software Inc.


    • #3
      Re: copypwd for machine accounts

      In a w2k domain, machine account passwords are set to change every 30 days by default.

      Machine account PW are used in a domain environment, which is what I have.

      I am able to dump the pw for the machine "mymachine" by running on any domain controller:
      "copypwd dump >copywpwd.txt"

      I then edit copypwd.txt so that it just has the machine and PW I want to set.

      But when I follow the instryctions and run the following on "mymachine" in order to set the pw:
      "copypwd set"

      I get the following error:
      "Unable to retreive user informtation for mymachine$ : Error = 2221"


      • #4
        Re: copypwd for machine accounts

        The error code means "user not found", which could either mean that the computer account is not formatted that way in the database, or that the function to get the user information knows that it is a computer account and refuses to retrieve it.

        I don't know of a workaround. You could try (as a test only) to see if leaving the $ sign off makes any difference.
        Kevin Stanush
        SystemTools Software Inc.