Old News about expiring computer accounts in demo/course environments.

I was talking to a colleague trainer of mine today and we were talking about course images and how they might become “out of sync” with the domain controller. ( basically what happens is: like a user, a computer has a password as well, and if that expires, the machine “drops out of the domain”) normally a domain disjoin and a domain join will do the trick here.

Because it seems that this information is less wide spread than i assumed, i will post it here hoping that this info will save some reboots during trainings. in every setup I build, I am using it. and I did not have to disjoin and join a machine to those setups ever.

There is a very easy way of solving this for environments where the machines might not be up all the time and maybe even will be switched off for a longer time.

The solution is a Simple Group policy setting in the default domain policy:

Computer configuration,Policies (if win 2008), Windows Settings, Security Settings, Local Policies, Security Options.

it is all about the policy setting: Domain member: Disable machine account password changes.

Set this setting to enabled and you’re done, the machine account passwords will never expire again…