Waukesha County Help Center

    Support Home Change KRBTGT Password

    Change KRBTGT Password

    Discover the essential steps and procedures required to change the KRBTGT password, ensuring enhanced security and protection against potential cyber threats.

    Written By John Flaig

    Updated by John Flaig on February 1st, 2024

    Changing KRBTGT Password

    Run through the Script and wait 24 hours and run the same thing again. Repeat every 6 Months.

    Log into DC wcgdc1.

    Go to Scripts directory at the root of the C Drive.

    On the PDC (WCGDC1), run Powershell as admin. Run the command 'Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass' which allows you to run an unsigned script.

    Launch the Reset-KrbTGT-Password-For-RWDCs-And-RODCs.ps1 script in C:\Scripts\New-KrbtgtKeys.ps1-master by running - “.\Reset-KrbTGT-Password-For-RWDCs-And-RODCs.ps1”.

    Choose NO when prompted for read information.

    Which mode of operation do you want to execute? TYPE 6 <enter>

    For ad Forest to be targeted enter “waukeshacounty.gov

    For ad Domain to be targeted enter “waukeshacounty.gov

    Please specify the scope of Krbtgt account to target Type 1 <enter>

    Confirm your RWDC in forest Root and Type Continue <enter>

    Log file gets created.

    Run script again by pressing the up-arrow key until you see it.

    Launch the Reset-KrbTGT-Password-For-RWDCs-And-RODCs.ps1 script in C:\Scripts\New-KrbtgtKeys.ps1-master by running -  “.\Reset-KrbTGT-Password-For-RWDCs-And-RODCs.ps1”.

    Choose NO when prompted for read information.

    Which mode of operation do you want to execute? TYPE 6 <enter>

    For ad Forest to be targeted enter “waukeshacounty.gov

    For ad Domain to be targeted enter “wcg.waukeshacounty.gov

    Please specify the scope of Krbtgt account to target Type 1 <enter>

    Confirm your RWDC in Child Domain and Type Continue <enter>

    Log file gets created again.

    Run script again by pressing the up-arrow key until you see it.

    Launch the Reset-KrbTGT-Password-For-RWDCs-And-RODCs.ps1 script in C:\Scripts\New-KrbtgtKeys.ps1-master by running -  “.\Reset-KrbTGT-Password-For-RWDCs-And-RODCs.ps1”.

    Choose NO when prompted for read information.

    Which mode of operation do you want to execute? TYPE 6 <enter>

    For ad Forest to be targeted enter “waukeshacounty.gov

    For ad Domain to be targeted enter “wcg.waukeshacounty.gov

    Please specify the scope of Krbtgt account to target Type 3 <enter>

    Confirm your RODCs in Child Domain and Type Continue <enter>

    Log file gets created once again.

    Was this article helpful?

    Send feedback

    Table of Contents

      Popular Questions

      Recently Updated

      Can’t find what you’re looking for?

      Our award-winning customer care team is here for you.

      Contact Support