lsadump::postzerologon is a procedure to update AD domain password and its local stored password remotely mimic netdom resetpwd. Experimental and best situation after reboot. It has the following command line arguments:
  • /target: the target domain controller FQDN
  • /account: the target domain controller's sAMAccountName.
Make sure you are aware of the consequences of changing the DC machine account password.
mimikatz # lsadump::postzerologon /target: /account:dc$
Last modified 6mo ago
Copy link