corrupt service password

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

The general problem: on every win2k machines, same proble

An service must be run as domain administrator. The service must be stopped every night for backup. Sometimes the service don’t start up again because the password is corrupt

So, I have a workaround for this, an vb script

strComputer = "servername
Set objWMIService = GetObject("winmgmts:"
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2"
Set colServiceList = objWMIService.ExecQuery
("SELECT * FROM Win32_Service WHERE StartName = 'DOMAIN\\Administrator'"
For Each objservice in colServiceLis
errReturn = objService.Change( , , , , , , , "password"
Nex

This was working until… apllyings ome patches on our dns server. Today the domain administrator don’t has the right change the password via an vb script
I have also tried to use “runas … sunarâ€, no permission

When I change (direct granting) the rights on wmi namespace for the domain administrator its works, but for a short time

HELP
 
In
Peter Metdepenningen said:
The general problem: on every win2k machines, same problem

An service must be run as domain administrator. The service must be
stopped every night for backup. Sometimes the service don't start up
again because the password is corrupt.

So, I have a workaround for this, an vb script:

strComputer = "servername"
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer &
"\root\cimv2")
Set colServiceList = objWMIService.ExecQuery _
("SELECT * FROM Win32_Service WHERE StartName =
'DOMAIN\\Administrator'")
For Each objservice in colServiceList
errReturn = objService.Change( , , , , , , , "password")
Next

This was working until. apllyings ome patches on our dns server.
Today the domain administrator don't has the right change the
password via an vb script.
I have also tried to use "runas . sunar", no permission.

When I change (direct granting) the rights on wmi namespace for the
domain administrator its works, but for a short time.

HELP
Click to expand...


I guess to assume this is an AD question regarding domain user account
permissions?

Are there any errors in your Even viewer?

I guess the first thing to do is to ask how is your network configured, such
as in respect to DNS settings?

Can you post an ipconfig /all from one of your servers, and can you also
state the AD domain name as it shows up in ADUC? This will give us a start
in diagnosis, and at least eliminate any misonfigurations.

Also, if any sort of corruption, it can be accountable to Kerberos as well.
If any of your clocks are off more than 5 minutes, that can cause
authentication problems as well, since Kerberos is depended on that.

If your domain is a single label name.... well, that will cause this as well
as other errors.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Hello

I have changed the services:
username was "WILLEMOT\Administrator" I have changed it into "(e-mail address removed)", maybe...



C:\Documents and Settings\Administrator.WILLEMOT>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : WILORA1
Primary DNS Suffix . . . . . . . : willemot.be
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : willemot.be

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3163 Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-02-A5-EA-7C-AF
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.191.191.13
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.191.191.19
DNS Servers . . . . . . . . . . . : 192.191.191.6
192.191.191.8

How can I know if there is a problem with different time settings. I mean, I see no differents.

THANKS

Peter
 
In
Peter Metdepenningen said:
Hello

I have changed the services:
username was "WILLEMOT\Administrator" I have changed it into
"(e-mail address removed)", maybe...



C:\Documents and Settings\Administrator.WILLEMOT>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : WILORA1
Primary DNS Suffix . . . . . . . : willemot.be
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : willemot.be

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3163 Fast
Ethernet NIC Physical Address. . . . . . . . . :
00-02-A5-EA-7C-AF DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.191.191.13
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.191.191.19
DNS Servers . . . . . . . . . . . : 192.191.191.6
192.191.191.8

How can I know if there is a problem with different time settings. I
mean, I see no differents.

THANKS

Peter
Click to expand...


Thanks for posting that info.

Curious, your IP range, 192.191.191.1 to 192.191.191.254 (255.255.255.0), is
that suppposed to be your private IP range or did it come from your ISP? I
did a lookup on it and it belongs to ADP, Inc. You can goto www.arin.net to
confirm that.

As far as configuration, it looks good, unless I missed something. Are you
incurring any errors in the Event viewer on any of your machines, DCs and
DNS servers?


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Back
Top