Techit Tricks

You can download videos of CCNA | Azure | Vmware | AWS | Citrix | HP

How do I reset a computer’s domain account

How do I reset a computer’s domain account?

Normally, computers’ domain accounts are self-maintaining. Computers authenticate to the
domain automatically upon startup, and periodically change their domain passwords without
your intervention. However, it is possible for a computer’s domain account to have problems,
which can require you to reset the account.
Resetting a computer’s domain account will break the link between the computer and the domain.
The computer will have to be joined to a workgroup (thus removing it from the domain), then re-joined
to the domain.

Resetting the Account

You can reset a computer account by using either the Microsoft Management Console (MMC)
Active Directory Users and Computers snap-in or a command-line utility. To use Active
Directory Users and Computers, open Active Directory Users and Computers, and locate the
computer’s account. By default, Active Directory places computer accounts in the Computers
container. However, your organization might place computer accounts in another organizational
unit (OU). Right-click the computer account, and select Reset from the context menu.

(You can’t perform this procedure with a domain controller. Generally, there’s no need, as the
computer can always contact itself to reset its own password. However, if a domain controller’s Active)

Directory account becomes unsynchronized, you’ll have to use DCPromo to remove and reinstall
Active Directory.
To use a command-line utility, run

dsmod computer computername –reset

replacing computername with the name of the computer you want to reset.

You must be a Domain Administrator, Enterprise Administrator, or have the appropriate delegated
permissions to perform these tasks.

Rejoining the Domain :

Once its account is reset, a computer will be unable to authenticate to the domain. Essentially,
you’ve changed the computer’s password and have no way to tell it what the new password is.
The only solution is for you to remove the computer from the domain, then rejoin it to the

A side effect of the computer being unable to authenticate to the domain is that no users will be able
to log on to the computer by using domain credentials.
To rejoin the domain on a Windows XP Professional computer (the process for Windows 2000—
Win2K—is similar), right-click My Computer, and select Properties from the Context menu. On
the Computer Name tab, click Change. Select Workgroup, and click OK to close all dialog
boxes. You will need to restart the computer. Return to the Computer Name tab after restarting,
and click Change again. Select Domain, provide the appropriate domain name, and click OK.
You will need to provide the appropriate user credentials to add the computer back into the
domain. After completing these steps, the computer should be able to authenticate to the domain.
Restart the computer and ensure that the domain logon problem is resolved.