Big issue since the krbtgt password changed. I followed this procedure: https://docs.microsoft.com/fr-fr/windows-server/identity/ad-ds/manage/ad-forest-recovery-resetting-the-krbtgt-password Yesterday, I changed the password (with the Active Directory Users and Computers console). Today, by error, I've entered a blank password. So I have rechanged the password without waiting 10 hours and now there are several issues.

Admins can't connect to RDP; passwords are good but authentication is rejected. Admins are members of Protected Users and use Kerberos. Some workstations can't connect to AD, or can't be joined. Also, the LanmanWorkstation service can't start on some PCs. So Netlogon can't start either. These PCs can't be elevated.

On user krbtgt, pwdLastSet is never for all my DCs. We have 6 DCs, no RODCs.

Can you help me?

Alex Lum
  • "krbtgt password change" is too vague. We would need to know the steps performed, and more about the topology of the directory. – Greg Askew Jul 05 '22 at 10:13
  • I don't think we know what miss copy paste is, but Active Directory assigns its own random password to the account. You also omitted how the password was changed. Go into AD Users and Computers, connect to each of the six DCs and compare the value of pwdLastSet. – Greg Askew Jul 05 '22 at 10:56
  • What likely occurred is the password was changed again too soon, or one or more DCs did not have the new value replicated to it. – Greg Askew Jul 05 '22 at 11:02
  • The value is (never) ((jamais) in French) on all six DCs. What I mean by miss copy/paste is: I copied a password from a generator and pasted it in the password prompt, but it didn't work and the password has been changed to blank. – Alex Lum Jul 05 '22 at 11:09
  • The password was changed with the Active Directory Users and Computers console. – Alex Lum Jul 05 '22 at 11:19
  • `i have rechanged password without wait 10 hours`. This is the cause, and typically requires restarting service(s) or endpoints to recover. – Greg Askew Jul 05 '22 at 13:25
  • Yes, I mean. Now I can RDP to some servers. Restarting the endpoint does not resolve the issue. LanManWorkstation does not start. Which services should be restarted? Thanks. – Alex Lum Jul 05 '22 at 14:46
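
The per-DC comparison of pwdLastSet suggested in the comments above can be scripted instead of clicked through in the console. This is an added example, not part of the original thread; it is read-only and assumes the ActiveDirectory PowerShell module (RSAT) and permission to read the krbtgt account. The variable and column names are illustrative.

```powershell
# Added example: read-only comparison of the krbtgt password state on every DC.
Import-Module ActiveDirectory

$dn = (Get-ADUser -Identity krbtgt).DistinguishedName

$report = foreach ($dc in Get-ADDomainController -Filter *) {
    try {
        # Query each DC by name so the result reflects that DC's own replica.
        $u = Get-ADUser -Identity $dn -Server $dc.HostName `
                 -Properties pwdLastSet, 'msDS-KeyVersionNumber'
        # Replication metadata for the password attribute: version counter and
        # the time of the last originating change, independent of pwdLastSet.
        $m = Get-ADReplicationAttributeMetadata -Object $dn `
                 -Server $dc.HostName -Properties unicodePwd

        # A raw pwdLastSet of 0 is what the console displays as "(never)".
        $set = '(never)'
        if ($u.pwdLastSet -ne 0) {
            $set = [datetime]::FromFileTimeUtc($u.pwdLastSet).ToString('u')
        }

        [pscustomobject]@{
            DC            = $dc.HostName
            PwdLastSet    = $set
            KeyVersion    = $u.'msDS-KeyVersionNumber'
            PwdAttrVer    = $m.Version
            LastChangeUtc = $m.LastOriginatingChangeTime.ToUniversalTime().ToString('u')
            Status        = 'ok'
        }
    }
    catch {
        # An unreachable or failing DC is reported rather than silently skipped.
        [pscustomobject]@{
            DC = $dc.HostName; PwdLastSet = $null; KeyVersion = $null
            PwdAttrVer = $null; LastChangeUtc = $null; Status = $_.Exception.Message
        }
    }
}

$report | Format-Table -AutoSize

# More than one distinct combination means the DCs do not agree yet.
$distinct = $report | Where-Object Status -eq 'ok' |
    Select-Object -Property PwdLastSet, KeyVersion, PwdAttrVer -Unique
if (@($distinct).Count -gt 1) {
    Write-Warning 'krbtgt password state differs between DCs; replication has not converged.'
}
```

Identical PwdAttrVer and LastChangeUtc values on all DCs indicate that the latest change has replicated everywhere; the last change time also shows how long ago the previous reset was.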

1 Answer

It works now after waiting several hours. For the endpoint, the issue was a bug with SMBv1. I will not mark this answer as the answer. Thanks a lot to Greg Askew for your patience and help.

Alex Lum