The Japan Page: May 2007 Archives


May 28, 2007

How to force reset a DC computer account (Windows 2003)

As detailed on the MS Support site here

The process is mostly the same as in Windows 2000, except you have to stop the Kerberos Key Distribution Center service and restart (or remove the Kerberos ticket cache). I ran this once from memory; when it didn't work, I had to go back and RTFM to find out about the service stop in 2003. Such is progress...

Read on for the steps...

Use Netdom.exe to Reset a Machine Account Password
1. Install the Windows Server 2003 Support Tools on the domain controller whose password you want to reset. These tools are located in the Support\Tools folder on the Windows Server 2003 CD-ROM. To install these tools, right-click the Suptools.msi file in the Support\Tools folder, and then click Install.
2. If you want to reset the password for a Windows domain controller, you must stop the Kerberos Key Distribution Center service and set its startup type to Manual.

Notes
• After you restart and verify that the password has been successfully reset, you can restart the Kerberos Key Distribution Center (KDC) service and set its startup type back to Automatic. This forces the domain controller that has the incorrect computer account password to contact another domain controller for a Kerberos ticket.
• You may have to disable the Kerberos Key Distribution Center service on all domain controllers except one. If you can, do not disable the domain controller that has the global catalog, unless it is experiencing problems.
3. Remove the Kerberos ticket cache on the domain controller where you receive the errors. You can do this by restarting the computer or by using the KLIST, Kerbtest, or KerbTray tools.
4. At a command prompt, type the following command:
netdom resetpwd /s:server /ud:domain\User /pd:*
A description of this command is:
• /s:server is the name of the domain controller to use for setting the machine account password. This is the server where the KDC is running.
• /ud:domain\User is the user account that makes the connection with the domain you specified in the /s parameter. This must be in domain\User format. If this parameter is omitted, the current user account is used.
• /pd:* specifies the password of the user account that is specified in the /ud parameter. Use an asterisk (*) to be prompted for the password.
For example, the local domain controller computer is Server1 and the peer Windows domain controller is Server2. If you run Netdom.exe on Server1 with the following parameters, the password is changed locally and is simultaneously written on Server2, and replication propagates the change to other domain controllers:
netdom resetpwd /s:server2 /ud:mydomain\administrator /pd:*
5. Restart the server whose password was changed. In this example, this is Server1.
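The same procedure as a two-phase PowerShell script, added here as an example; it is not taken from this post or from the Microsoft article. It assumes PowerShell 2.0 or later with netdom.exe and klist.exe on the path, and it reuses the placeholder names server2 and mydomain\administrator from the example above.

```powershell
# Added example (not from the article): wraps steps 2-5 above so the KDC stop
# cannot be skipped. Run on the DC with the bad machine account password.
param(
    [Parameter(Mandatory = $true)]
    [ValidateSet('Reset', 'Restore')]
    [string]$Phase,
    [string]$PeerDC    = 'server2',                 # healthy peer DC, as in the example above
    [string]$AdminUser = 'mydomain\administrator'   # domain\User format, as in the example above
)
$ErrorActionPreference = 'Stop'

if ($Phase -eq 'Reset') {
    # Step 2: stop the local KDC and keep it from starting at the next boot,
    # so this DC has to get its Kerberos ticket from another DC.
    Set-Service  -Name kdc -StartupType Manual
    Stop-Service -Name kdc -Force
    if ((Get-Service -Name kdc).Status -ne 'Stopped') {
        throw 'KDC service is still running; netdom resetpwd is not attempted.'
    }

    # Step 3: clear cached tickets. klist purge only covers the current logon
    # session; the restart in step 5 clears the rest.
    & klist purge

    # Step 4: reset the machine account password against the peer DC.
    # /pd:* makes netdom prompt, so the password is not placed on the command line.
    & netdom resetpwd "/s:$PeerDC" "/ud:$AdminUser" '/pd:*'
    if ($LASTEXITCODE -ne 0) {
        throw "netdom resetpwd failed with exit code $LASTEXITCODE; not restarting."
    }

    # Step 5: restart this server. The KDC stays down because it is set to Manual.
    Restart-Computer -Force
}
else {
    # First note: run only after the reset has been verified following the restart.
    Set-Service   -Name kdc -StartupType Automatic
    Start-Service -Name kdc
    Get-Service   -Name kdc | Format-List Name, Status
}
```

Run it with -Phase Reset before the restart, and with -Phase Restore once the reset has been verified.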

May 10, 2007

Back from Japan

I just returned from a 10 day visit to Japan to see the family and tour around a bit. I had a chance to catch up with my college buddy Yasuhiro and his wife Kyoko and daughter Chihiro-chan, and they were kind enough to take me sightseeing up in the mountains North of Nagoya.

Here is the postman dressed in traditional garb in Minami Kisocho, Nagano Prefecture. The middle of this old town on the Naka Sendo, one of the two old foot highways between Nagoya and Tokyo, was preserved from the Edo time period 100-150 years ago. Many historic old wooden Japanese style inns and stores survive, and many of them are still open for customers.

The wooden box is the old fashioned equivalent of a leather postman's bag and says "Post Office" on it.

Photograph (C) 2007 www.johnseaman.com

May 9, 2007

Sample Script - remote shutdown or hibernation of a Windows system

See this post for how to wake up your server remotely.

This is the second part of my decidedly-not-rocket-science script to remotely shut down / hibernate a Windows home fileserver. It should work on anything Win2k or newer, including XP.

Requirements:

1. The excellent freeware application BeyondExec v2 from BeyondLogic.
2. Admin perms of course.
3. Something to remotely wakeup...?

BeyondExec is an excellent utility that will allow you to remotely spawn processes and terminate them as well. The Microsoft command shutdown.exe doesn't allow remote suspension, hibernation or locking the console so this utility is just the thing.

Just edit the script and change "SERVERNAME" to the name of your system, and after -d put in one of the actions (shutdown, poweroff, reboot, suspend, hibernate, logoff or lockworkstation). It will ask you to hit any key to confirm, then send the command and ping continuously until you close the window. BTW, "Oyasumi" is Japanese for goodnight...

Get the script here.

Sample Script - WOL or Wake On Lan

In order to save power and keep my garage from overheating, I turn off my home file server when not in use. I used to manually run out to adjust the Big Red Switch, but then I decided to get lazy and script the WOL process... and use hibernate instead. Hibernate is sooo much better in Windows 2003!

Requirements:
1. WOL support. Just about everything nowadays should support it, check your BIOS settings.
2. The freeware WOL application wolcmd.exe from Depicus.

This script is really simple: it just asks you to confirm you really want to wake up the server, then calls wolcmd.exe from the command line and pings continuously. Once you get replies, just close the window.

The syntax for wolcmd.exe is simple, just call the executable with <MACaddress> <IPaddress> <subnetMask> 7 like this:

wolcmd.exe 008063C51D8A 172.16.10.200 255.255.255.0 7

Make sure to remove the hyphens from the MAC. The value 7 is the port number and should work on LANs without issues. See the note here for more info about doing this across a firewall.
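What a command like the one above puts on the wire, as an added PowerShell example; it is not the author's script and not wolcmd.exe's own code. It assumes the tool sends the standard magic packet over UDP to the subnet broadcast address derived from the IP and mask, and the function names are made up for this example.

```powershell
# Added example (not the author's script and not wolcmd's source): build and
# send a Wake-on-LAN magic packet from the same four arguments wolcmd.exe takes.
function ConvertTo-MacBytes([string]$Mac) {
    $hex = $Mac -replace '[-:]', ''          # also accepts the hyphenated form
    if ($hex -notmatch '^[0-9A-Fa-f]{12}$') { throw "Not a 48-bit MAC address: $Mac" }
    0..5 | ForEach-Object { [Convert]::ToByte($hex.Substring($_ * 2, 2), 16) }
}

function Get-BroadcastAddress([string]$Ip, [string]$Mask) {
    $ipBytes   = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    $maskBytes = [System.Net.IPAddress]::Parse($Mask).GetAddressBytes()
    # Broadcast = IP with every host bit (a zero bit in the mask) set to 1.
    $bytes = 0..3 | ForEach-Object { $ipBytes[$_] -bor (255 -bxor $maskBytes[$_]) }
    [System.Net.IPAddress]::Parse(($bytes -join '.'))
}

function New-MagicPacket([string]$Mac) {
    # Payload: 6 bytes of 0xFF, then the target MAC repeated 16 times (102 bytes).
    [byte[]]$packet = (@([byte]0xFF) * 6) + (@(ConvertTo-MacBytes $Mac) * 16)
    ,$packet
}

function Send-MagicPacket([string]$Mac, [string]$Ip, [string]$Mask, [int]$Port = 7) {
    $packet = New-MagicPacket $Mac
    $target = Get-BroadcastAddress $Ip $Mask
    $udp = New-Object System.Net.Sockets.UdpClient
    try {
        $udp.EnableBroadcast = $true
        # Nothing in the packet authenticates the sender.
        [void]$udp.Send($packet, $packet.Length, $target.ToString(), $Port)
    }
    finally { $udp.Close() }
    "Sent $($packet.Length) bytes to $($target):$Port"
}

# Sample values from the wolcmd.exe line above.
Send-MagicPacket '008063C51D8A' '172.16.10.200' '255.255.255.0' 7
```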

Sample script WakeOnLAN.