OpenPasswordFilter icon indicating copy to clipboard operation
OpenPasswordFilter copied to clipboard

Published 20 hours ago verified publisher icon brockrob

Crashes DC when resetting krbtgt password

Open davehirsch opened this issue 5 years ago • 1 comments

MS recommendation is to regularly change the Kerberos krbtgt password. If the OPF service is running when that happens, it immediately crashes the DC and the password change fails.

I'm running this on Server 2012R2, fully patched. DFL/FFL = 2012R2

Here's the MS-written krbtgt password change script: https://gallery.technet.microsoft.com/Reset-the-krbtgt-account-581a9e51

Here's the crashing event details: image

davehirsch avatar Jul 03 '19 23:07 davehirsch

If you stop the service before changing the password, it doesn't crash.

davehirsch avatar Jul 03 '19 23:07 davehirsch