netdom resetpwd or nltest /SC_RESET on a Certificate Authority Server?

ADB100 (TechnicalUser) (OP)
13 Jan 09 15:22
I had a disk issue on a MS Virtual Server and had to restore some backups.  One of the VM disk images is the Enterprise Root CA for the domain - it's a Member Server.  The backup was a few days old so the secure channel to the domain is broken.  Normally this is easily fixed with the 'netdom.exe' or 'nltest.exe' resource kit tools, however this fails to work on the CA - the error is:

CODE

The machine account password for the local machine could not be reset
The specified domain either does not exist or could not be contacted

Name resolution is working perfectly and I can see a conversation with a DC when I attempt the reset, however it fails every time.  I have searched and searched and can't find an answer to this.  I assume as it's a CA it either won't work full stop or there are some additional steps I need to do?

Andy
PScottC (MIS)
13 Jan 09 18:42
Reset the account in AD before running the netdom command on the server.  This should allow netdom to change the password and re-establish connection.

PSC


Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --Mr. The Plague, from the movie "Hackers"

ADB100 (TechnicalUser) (OP)
14 Jan 09 7:51

Quote:

Reset the account in AD before running the netdom command on the server.  This should allow netdom to change the password and re-establish connection.

Yes, already tried that and it doesn't work.  I also tried disabling Certificate Services, restarting the CA server and then doing the reset but I get the same behaviour.

I think this is because it's a CA and there is something 'extra' in play?  I have other servers on the same subnet and these reset OK.

Andy
PScottC (MIS)
14 Jan 09 9:46
Take a look at this procedure: http://support.microsoft.com/default.aspx/kb/555012

You may be able to adapt it to your situation.  I've used it for its stated purpose and it works.

PSC

