Windows – Sync AD DSRM password to a user account

active-directory windows windows-server-2012-r2

I can't seem to get the below task scheduler job to work properly in a test domain lab of 2 DCs, 1 win2012 R2 and 1 win2008 R2 DC. Syncing to my 'dsrmuser' user by manually running ntdsutil does work. The Scheduled task runs successfully but doesn't update the password.

http://blogs.technet.com/b/askds/archive/2009/03/11/ds-restore-mode-password-maintenance.aspx

I needed to use a Vista-level or greater task for the new task to appear in the list of tasks on the win2012 R2 DC. Has anyone used this procedure before? The original post doesn't allow me to comment.

Thanks for any help

Edit:
I tried various versions from the link I posted. Interested in what worked for someone else. I'm using for example:
Run as system.
Windows 7 style task.
Program to run: ntdsutil
Arguments: “SET DSRM PASSWORD” “SYNC FROM DOMAIN ACCOUNT dsrmuser” Q Q

Best Answer

You should have a script with one line of code:

ntdsutil "set dsrm password" "Sync from domain account dsrmuser" quit quit

The code you provided uses left and right double quotes (“ ”); this is not a good idea. Use ASCII double quotes (").

Perhaps it is because you aren't specifying the full path to ntdsutil.exe or the Start In location. Also, using a scheduled task is probably overkill. Using a shutdown script would be acceptable after you confirm the code is working as expected.
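
The points raised in the answer (ASCII quotes, full path to ntdsutil.exe, working directory) can be combined in one wrapper script. This is an added example, not part of the original question or answer; the account name `dsrmuser` comes from the question, while the log path and the function names are assumptions chosen for illustration.

```powershell
# Added example: wrapper for the DSRM sync command discussed above.
# Assumptions: account 'dsrmuser' (from the question); log path and function names are hypothetical.
$Account  = 'dsrmuser'
$LogFile  = Join-Path $env:SystemRoot 'Temp\dsrm-sync.log'      # hypothetical location
$NtdsUtil = Join-Path $env:SystemRoot 'System32\ntdsutil.exe'   # full path, no PATH lookup

function Test-AsciiOnly {
    param([string]$Text)
    # True when every character is 7-bit ASCII, i.e. no typographic quotes pasted from a web page.
    return ($Text -notmatch '[^\x00-\x7F]')
}

function Find-NonAsciiTaskArguments {
    # Lists scheduled-task actions whose program or arguments contain non-ASCII characters.
    # Needs the ScheduledTasks module and PowerShell 3+ (Windows Server 2012 and later).
    Get-ScheduledTask | ForEach-Object {
        $task = $_
        foreach ($action in $task.Actions) {
            $line = "$($action.Execute) $($action.Arguments)"
            if (-not (Test-AsciiOnly $line)) {
                [pscustomobject]@{ Task = $task.TaskPath + $task.TaskName; Command = $line }
            }
        }
    }
}

function Invoke-DsrmSync {
    if (-not (Test-Path $NtdsUtil)) { throw "ntdsutil.exe not found at $NtdsUtil" }
    # Each element is one ntdsutil command; PowerShell adds plain ASCII quotes around
    # elements that contain spaces when it builds the native command line.
    $ntdsArgs = @('set dsrm password', "sync from domain account $Account", 'quit', 'quit')
    foreach ($a in $ntdsArgs) {
        if (-not (Test-AsciiOnly $a)) { throw "Non-ASCII character in argument: $a" }
    }
    # Run from System32 so the task's "Start in" setting does not matter.
    Push-Location (Split-Path $NtdsUtil)
    try {
        $output = & $NtdsUtil @ntdsArgs 2>&1 | Out-String
        $code   = $LASTEXITCODE
    } finally { Pop-Location }
    # The question shows a task can finish "successfully" without the password changing,
    # so keep ntdsutil's own output next to the exit code.
    "{0:u} exit={1}`r`n{2}" -f (Get-Date), $code, $output | Add-Content -Path $LogFile
    return $code
}

# Run the sync when executed as a script; dot-source the file to use the functions only.
if ($MyInvocation.InvocationName -ne '.') { exit (Invoke-DsrmSync) }
```

Dot-sourcing the file and calling `Find-NonAsciiTaskArguments` on the 2012 R2 DC shows whether an existing task still carries the curly quotes from the question.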