Posts Tagged ‘Machine key’

Trust Relationship Between Workstation and Domain Fails After a SnapShot

Posted by IsaacBlum at 10 January 2011

Category: Business, For The Greater Good, Free Help, HyperV, Microsoft, virtualization, VMWare, Windows 7, Windows Server 2008, Windows Server 2008 R2

Tags: , , , , , ,

Trust Relationship Between Workstation and Domain Fails after you restore to a previous snapshot for either VMware or Hyper. This is because by default every 30 days the Active Directory(AD) server will change the machine key for each of its members. In a development environment where security is not important. This can cause a headache, causing you to unjoin then rejoin servers back to the domain. The other option is to disable this function.

  1. On the Domain Controller : Launch Group Policy Management -> Control PanelSystem and SecurityAdministrative ToolsGroup Policy Management
  2. Edit the default group policy or edit the GPO of your choice.
  3. Edit “Domain member: Maximum machine account password age” = 999   Located -> Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options
  4. Edit “Domain member: Disable machine account password changes” = Enabled   Located -> Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options
  5. Edit “Domain controller: Refuse machine account password changes” = Enabled   Located -> Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options
  6. Lastly run “gpupdate /force” on all servers that need this change.

Resource links:

http://technet.microsoft.com/en-us/library/cc781050(WS.10).aspx

http://technet.microsoft.com/en-us/library/cc785826(WS.10).aspx

http://technet.microsoft.com/en-us/library/cc781050(WS.10).aspx

No Comments

Nice Machine key Generator

Posted by IsaacBlum at 18 February 2010

Category: Business, For The Greater Good, Free Help

Tags: , ,

http://www.orcsweb.com/articles/aspnetmachinekey.aspx

No Comments

  • Archives

  • Tags

  • Subscribe

  • Pages

  • More

  • Disclaimer…

    This is my personal weblog. The opinions expressed herein are my own and are not representative of any 3rd party influence. The owner of this blog reserves the right to edit or delete any comments submitted to this blog without notice if they are deemed to be spam, offensive or otherwise inappropriate. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.


    Lastly, I do my best to document my sources if the article is not of my own creation. If I have missed or forgotten to source your work. I would love feedback via the comments section. Thank you.

DreamHost promos
SiteLock