When you control an object that have for example the edges GenericAll or ForceChangePassword on a computer object it is possible to set the password of that computer object (machine account) to a known value without knowing the current password using for example BloodyAD or rpcclient. However, doing so will cause the trust relationship between the computer and the domain to break.
Is it possible to set the password of a machine account to a known value remotely without knowing the current password/NT hash of the target machine account and without breaking the trust relationship? After all, by default, all domain-joined computers change their passwords every 30 days automatically.
When you control an object that have for example the edges
GenericAllorForceChangePasswordon a computer object it is possible to set the password of that computer object (machine account) to a known value without knowing the current password using for example BloodyAD or rpcclient. However, doing so will cause the trust relationship between the computer and the domain to break.Is it possible to set the password of a machine account to a known value remotely without knowing the current password/NT hash of the target machine account and without breaking the trust relationship? After all, by default, all domain-joined computers change their passwords every 30 days automatically.