locked
Machine Credentials RRS feed

  • Question

  • What is used as credential (password) for computer authentication with PEAP/MSCHAPv2? And how is this computer password protected?
    Monday, March 19, 2007 2:31 PM

Answers

  • When a computer is joined to a domain, the computer is provisioned with a machine password. This password is typically changed every 30 days and is controlled by the domain adminstration policies.

    As part of PEAP-EAPMSCHAPv2 computer authentication, the client uses this password to authenticate itself it to the network.

    Thanks,

    Mudit 

    Monday, March 19, 2007 6:11 PM

All replies

  • When a computer is joined to a domain, the computer is provisioned with a machine password. This password is typically changed every 30 days and is controlled by the domain adminstration policies.

    As part of PEAP-EAPMSCHAPv2 computer authentication, the client uses this password to authenticate itself it to the network.

    Thanks,

    Mudit 

    Monday, March 19, 2007 6:11 PM
  • So this password is stored in the DC and my local PC.
    After 60 days if my machine has not changed it's password (i.e. now 2 cycles of the password change have gone) I can remove my machine and rejoin it to the domain.

    Is there any way I can script getting the unicodePwd value in AD for my user account and populating that into the workstation?
    Thursday, September 18, 2008 4:02 PM