Solved Windows 2012 server has forgotten its password

NerdyDad

I have a server that seems to have forgotten its password but the trust relationship between it and the domain is still intact. Its a 2012 server. There are some tasks in the scheduler, but those are executed with an actual username & password. This is for the server itself, and not an actual user in the server.

Any thoughts?

Obsolesce

What issues/errors are you having?

I know there's some CLI to fix this issue, but I don't remember without looking it up. I've done it before.

NerdyDad

@tim_g said in Windows 2012 server has forgotten its password:

What issues/errors are you having?

I know there's some CLI to fix this issue, but I don't remember without looking it up. I've done it before.

Nothing operational. We use Netwrix to watch for system events and such. Its reporting failed logins of the server itself and not a user on the server. I don't have any error codes other than that, unfortunately.

Obsolesce

If i understand the issue correctly, then this is the PowerShell version of the CLI command I was thinking of:

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/reset-computermachinepassword?view=powershell-5.1

It'll take me longer to find the CLI version between other things.

Obsolesce

Oh, do you mean that for example the SERVER1 SYSTEM account is getting failed login attempts on SERVER2?

Or am I right with my previous understanding?

NerdyDad

@tim_g said in Windows 2012 server has forgotten its password:

Oh, do you mean that for example the SERVER1 SYSTEM account is getting failed login attempts on SERVER2?

Or am I right with my previous understanding?

I believe you are right in your previous understanding. The server is trying to authenticate itself against a domain controller but is getting failed authentications against that certain domain controller.

I'd like to try out that powershell command as I think it will work but what side effects should I expect from it before I run it?

Obsolesce

No reboot required.

It should refresh computer password with the DC.

Worst case is you just rejoin it to the domain if that command doesn't work.

But to answer your question, the computer password changes automatically every so often anyways (i forget exactly, every 30 days or something)... that you're doing it manually sooner doesn't matter.

momurda

Cant you just right click the computer in ADUC and Reset Account?

Obsolesce

@momurda said in Windows 2012 server has forgotten its password:

Cant you just right click the computer in ADUC and Reset Account?

Every time I've done that, it's guaranteed the need to rejoin to the domain, which requires a reboot.