You're reading from Active Directory Administration Cookbook, Second Edition Proven solutions to everyday identity and authentication challenges for both on-premises and the cloud

Product type Paperback

Published in Jul 2022

Publisher Packt

ISBN-13 9781803242507

Length 696 pages

Edition 2nd Edition

Languages

PowerShell

Tools

Azure

Concepts

Identity Management

Author (1):

Sander Berkouwer

View More author details

Table of Contents (18) Chapters

Preface

1. Chapter 1: Optimizing Forests, Domains, and Trusts

2. Chapter 2: Managing Domain Controllers FREE CHAPTER

3. Chapter 3: Managing Active Directory Roles and Features

4. Chapter 4: Managing Containers and Organizational Units

5. Chapter 5: Managing Active Directory Sites and Troubleshooting Replication

6. Chapter 6: Managing Active Directory Users

7. Chapter 7: Managing Active Directory Groups

8. Chapter 8: Managing Active Directory Computers

9. Chapter 9: Managing DNS

10. Chapter 10: Getting the Most Out of Group Policy

11. Chapter 11: Securing Active Directory

12. Chapter 12: Managing Certificates

13. Chapter 13: Managing Federation

14. Chapter 14: Handling Authentication in a Hybrid World (AD FS, PHS, PTA, and DSSO)

15. Chapter 15: Handling Synchronization in a Hybrid World (Azure AD Connect)

16. Chapter 16: Hardening Azure AD

17. Other Books You May Enjoy

Resetting the KRBTGT secret

This recipe shows how to reset the password of the KRBTGT account.

Getting ready

To reset the password for the KRBTGT account, sign in to a domain controller with a user account that is a member of the Domain Admins group.

How to do it...

Perform the following line of PowerShell:

Set-ADAccountPassword -Identity (Get-ADUser krbtgt).DistinguishedName -Reset -NewPassword (ConvertTo-SecureString "Rand0mCompl3xP@ssw0rd!" -AsPlainText -Force)

Replace Rand0mCompl3xP@ssw0rd! with the new complex password for the KRBTGT user object.

How it works...

Each Active Directory domain in a multi-domain environment has its own KRBTGT account used by all fully writable domain controllers. Each read-only domain controller has its own KRBTGT_* account.

The password hash for the KRBTGT account is used as the secret to encrypt all Kerberos tickets.

The password for KRBTGT is set during the creation of an Active Directory domain. Microsoft...

The rest of the chapter is locked

You're reading from Active Directory Administration Cookbook, Second Edition Proven solutions to everyday identity and authentication challenges for both on-premises and the cloud

Table of Contents (18) Chapters

Resetting the KRBTGT secret

Getting ready

How to do it...

How it works...

Authors (1)

Personalised recommendations for you

You're reading from Active Directory Administration Cookbook, Second Edition Proven solutions to everyday identity and authentication challenges for both on-premises and the cloud

Table of Contents (18) Chapters

Resetting the KRBTGT secret

Getting ready

How to do it...

How it works...

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you