Change computer account passwords in Windows NT
Takeaway: Learn three ways you can disable the automatic password changes on your Windows NT machine.
Joining a Windows NT machine to a Windows NT domain creates a special trust relationship (a "secured channel") between the domain and the computer. The computer receives a special computer account in the domain and a matching password. It uses this combination to authenticate to the domain controllers.The operating system manages this password (not the administrator), and it changes the password every seven days. But problems can arise if the OS can't change the password on your computer. This can happen if you don't connect your machine to the network for seven days.
For example, say you take your laptop with you on a 14-day business trip. When you come back, you won't be able to log in because your computer didn't receive the new password.
If your computer doesn't receive the new password, follow these steps:
You can also disable the automatic password changes. You have three options: from the client side, from the server side, or from both.
Get the TR Blog Roundup
Find out who's offering the best advice, the quirkiest comments, and the most compelling life stories every week with TechRepublic's Blog Roundup. Click here to automatically sign up to receive it every Wednesday.
Use tags to find blog posts about Windows and security.
To disable automatic password changes on the client side, open the Registry Editor by going to Start | Run and typing regedt32.exe. Navigate to the following key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Change the DisablePasswordChange registry entry to 1. You must make this change on each computer where you want to prevent automatic password changes.
To prevent automatic password changes on the server side, open the Registry Editor, and navigate to the same key. Change the RefusePasswordChange registry entry to 1 on all domain controllers in the domain. Make the change to the backup domain controllers first and then to the primary domain controller.
Note: Editing the registry is risky, so be sure you have a verified backup before making any changes.
Print/View all Posts Comments on this article
SponsoredWhite Papers, Webcasts, and Downloads
- Network Readiness For VoIP ShoreTel
- IP Telephony Executive Guide 2007 ShoreTel
- Opening the Door to VoIP--and More Effective Phone Communications ShoreTel
- IP Telephony from A to Z: The Complete IP Telephony eBook ShoreTel
- Next Generation Mobility Now Sprint
Article Categories
- Security
- Security Solutions, IT Locksmith
- Networking and Communications
- E-mail Administration NetNote, Cisco Routers and Switches
- CIO and IT Management
- Project Management, CIO Issues, Strategies that Scale
- Desktops, Laptops & OS
- Windows 2000 Professional, Microsoft Word, Microsoft Excel, Microsoft Access, Windows XP,
- Data Management
- Oracle, SQL Server
- Servers
- Windows NT, Linux NetNote, Windows Server 2003
- Career Development
- Geek Trivia
- Software/Web Development
- Web Development Zone, Visual Basic, .NET
