Syntax NETDOM RESETPWD /Server:domain Change user password in Windows command line. Either can be the non-Windows Kerberos domain. NETDOM ResetPWD (Windows Server 2003/2008/R2/2012 + Windows 7/8) Reset the machine account password for a domain controller. The order of the two domains above is not important. Netdom trust Northamerica /d:ATHENA /trans To display the transitive state, type the following at the command prompt: Netdom trust Northamerica /d:ATHENA /trans:yes If you want to change the trust from ATHENA to Northamerica as transitive, type the following at the command prompt: Non-Windows Kerberos trusts are created as non-transitive. To make the trust two-way, you can specify the /twoway parameter.If you want to set the Kerberos realm ATHENA to trust the Northamerica domain, type the following at the command prompt: Verifying a specific trust relationship requires credentials unless the user has domain administrator privileges on both domains.Credentials to the Windows 2000 domain can be supplied if needed. The order of the domains is not important. The /d parameter specifies the trusted domain and the /realm parameter indicates that this is a non-Windows Kerberos realm.
Netdom trust /d:ATHENA Northamerica /add /PT:password /realm In this case, use the netdom.exe tools to restore a secure channel with the domain controller. To establish a one-way trust where Northamerica trusts the non-Windows Kerberos realm ATHENA, type the following at the command prompt: In Windows 7/2008R2 and in previous Windows versions without PowerShell 3.0, you cannot use Test-ComputerSecureChannel and Reset-ComputerMachinePassword cmdlets to reset a computer password and repair trust relationship with the domain. Netdom trust /d: /add /twoway Example 14: Establish a One-Way Trust Relationship from a Windows Domain to a Non-Windows Kerberos Realm If you then want to specify a two-way trust, type the following at the command prompt If passwords are not provided on the command line, the user is prompted for both.
The /pd parameter can be used to specify the password for Northamerica\admin and the /po parameter can be used to specify the password for USA-Chicago\admin. The user must have credentials for both domains. The following prompt is displayed:Įnter the password for USA-Chicago\admin and press Enter. Press Enter and the following prompt is displayed:Įnter the password for Northamerica\admin and press Enter. Netdom trust /d:Northamerica USA-Chicago /add /Ud:Northamerica\admin /Pd:* /Uo:USA-Chicago\admin /Po:* To set the Windows NT 4.0 resource domain USA-Chicago to trust the Windows NT 4.0 account domain Northamerica, type the following at the command prompt: When used with the trust operation, the /d: Domain parameter always refers to the trusted domain.