Ôñüðïò áðåíåñãïðïßçóçò áëëáãþí êùäéêïý ðñüóâáóçò ëïãáñéáóìïý ìç÷áíÞìáôïò áõôüìáôçò

Óå õðïëïãéóôÝò ìå Microsoft Windows NT êáé óå õðïëïãéóôÝò ìå Microsoft Windows 2000, ïé êùäéêïß ðñüóâáóçò ëïãáñéáóìþí õðïëïãéóôÞ ôñïðïðïéïýíôáé ôáêôéêÜ ãéá ëüãïõò áóöáëåßáò. Áðü ðñïåðéëïãÞ, óå õðïëïãéóôÝò ðïõ âáóßæïíôáé óôá Windows NT, ôïí êùäéêü ðñüóâáóçò ëïãáñéáóìïý õðïëïãéóôÞ áëëÜæåé áõôüìáôá êÜèå åðôÜ çìÝñåò. Óå õðïëïãéóôÝò ðïõ âáóßæïíôáé óôá Windows 2000, ôïí êùäéêü ðñüóâáóçò ëïãáñéáóìïý õðïëïãéóôÞ áëëÜæåé áõôüìáôá êÜèå 30 çìÝñåò. Áõôü ôï Üñèñï ðåñéãñÜöåé ôïí ôñüðï Ýíáò äéá÷åéñéóôÞò ìðïñåß íá áðåíåñãïðïéÞóåé áëëáãþí êùäéêïý ðñüóâáóçò ëïãáñéáóìïý ìç÷áíÞìáôïò áõôüìáôç.

ÐÑÏÓÏ×ÇÅÜí ç áðåíåñãïðïßçóç áëëáãþí êùäéêïý ðñüóâáóçò ëïãáñéáóìïý ìç÷áíÞìáôïò, õðÜñ÷ïõí êßíäõíïé áóöáëåßáò åðåéäÞ ôï êáíÜëé áóöáëåßáò ÷ñçóéìïðïéåßôáé ãéá Ýëåã÷ï ôáõôüôçôáò äéáâßâáóçò. ÅÜí êÜðïéïò áíáêáëýøåé Ýíáí êùäéêü ðñüóâáóçò, ï ÷ñÞóôçò ìðïñåß íá åêôåëÝóåé ðéèáíþò Ýëåã÷ïò ôáõôüôçôáò äéáâßâáóçò óôïí åëåãêôÞ ôïìÝá.

You may want to disable the default automatic machine account password changes for any one of the following reasons:

• You want to reduce replication occurrences. As a side effect of automatic machine account password changes, a domain with many client computers and domain controllers can cause replication to occur on a frequent basis. You can disable automatic machine account password changes to reduce replication occurrences.
• You have two separate installations of Windows NT or Windows 2000 on the same computerin a dual-boot configuration. In this case, the only way to share the same machine account between the two installations of Windows NT or Windows 2000 is to use the default machine account password that is created when you join the domain.
• If you frequently perform a clean installation of Windows NT or Windows 2000, you must have an administrator on the domain that can create the machine account on the domain. If that is a problem, you can leave the password of the machine account as the default.

In Windows NT versions 3.51 and later and in Windows 2000, you can disable the machine account password changes on a workstation by setting theregistry entry to a value of 1. To do so, follow these steps.

ÓçìáíôéêüÁõôÞ åíüôçôá, ìÝèïäï Þ åñãáóßá ðåñéÝ÷åé âÞìáôá ðïõ èá óáò ðëçñïöïñÞóåé ðþò íá ôñïðïðïéÞóåôå ôï ìçôñþï. Ùóôüóï, åíäÝ÷åôáé íá ðñïêýøïõí óïâáñÜ ðñïâëÞìáôá åÜí äåí ôñïðïðïéÞóåôå óùóôÜ ôï ìçôñþï. ÊáôÜ óõíÝðåéá, âåâáéùèåßôå üôé áêïëïõèåßôå ðñïóåêôéêÜ ôá åîÞò âÞìáôá. Ãéá åðéðëÝïí ðñïóôáóßá, äçìéïõñãÞóôå áíôßãñáöá áóöáëåßáò ôïõ ìçôñþïõ ðñïôïý ôï ôñïðïðïéÞóåôå. Ìå áõôüí ôïí ôñüðï, ìðïñåßôå íá åðáíáöÝñåôå ôï ìçôñþï åÜí ðñïêýøåé ðñüâëçìá. Ãéá ðåñéóóüôåñåò ðëçñïöïñßåò ó÷åôéêÜ ìå ôïí ôñüðï äçìéïõñãßáò áíôéãñÜöùí áóöáëåßáò êáé åðáíáöïñÜò ôïõ ìçôñþïõ, êÜíôå êëéê óôïí áñéèìü ôïõ Üñèñïõ ðáñáêÜôù ãéá íá ðñïâÜëåôå ôï Üñèñï ôçò ÃíùóéáêÞò âÜóçò ôçò Microsoft:

1. ÎåêéíÞóôå ôïí ÅðåîåñãáóôÞ Ìçôñþïõ (Registry Editor). To do so, clickStartÊÜíôå êëéêÅêôÝëåóçTYPERegeditÓôïOpenðëáßóéï êáé óôç óõíÝ÷åéá êÜíôå êëéêOk.
2. Åíôïðßóôå êáé, óôç óõíÝ÷åéá, êÜíôå êëéê óôï áêüëïõèï äåõôåñåýïí êëåéäß ìçôñþïõ:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
3. In the right pane, click the
   DisablePasswordChange
   Êáôá÷þñçóç (Entry).
4. Óôï äéáêïìéóôÞÅðåîåñãáóôåßôå ôç äéáäñïìÞìåíïý, êÜíôå êëéê óôï êïõìðßÔñïðïðïßçóç (Modify).
5. ÓôïÄåäïìÝíá ôéìÞòbox, type a value of1, êáé óôç óõíÝ÷åéá êÜíôå êëéê óôï êïõìðßOk.
6. Êëåßóôå ôïí ÅðåîåñãáóôÞ Ìçôñþïõ.

In Windows NT version 4.0 and Windows 2000, you can disable the machine account password change by setting theregistry entry to a value of 1 on all domain controllers in the domain instead of on all workstations. To do so, follow these steps.

ÓÇÌÅÉÙÓÇOn Windows NT 4.0 domain controllers, you must change theregistry entry to a value of 1 on all backup domain controllers (BDCs) in the domain before you make the change on the primary domain controller (PDC). Failure to follow this order will cause event ID 5722 to be logged in the event log of the PDC.

ÓçìáíôéêüÁõôÞ åíüôçôá, ìÝèïäï Þ åñãáóßá ðåñéÝ÷åé âÞìáôá ðïõ èá óáò ðëçñïöïñÞóåé ðþò íá ôñïðïðïéÞóåôå ôï ìçôñþï. Ùóôüóï, åíäÝ÷åôáé íá ðñïêýøïõí óïâáñÜ ðñïâëÞìáôá åÜí äåí ôñïðïðïéÞóåôå óùóôÜ ôï ìçôñþï. ÊáôÜ óõíÝðåéá, âåâáéùèåßôå üôé áêïëïõèåßôå ðñïóåêôéêÜ ôá åîÞò âÞìáôá. Ãéá åðéðëÝïí ðñïóôáóßá, äçìéïõñãÞóôå áíôßãñáöá áóöáëåßáò ôïõ ìçôñþïõ ðñïôïý ôï ôñïðïðïéÞóåôå. Ìå áõôüí ôïí ôñüðï, ìðïñåßôå íá åðáíáöÝñåôå ôï ìçôñþï åÜí ðñïêýøåé ðñüâëçìá. Ãéá ðåñéóóüôåñåò ðëçñïöïñßåò ó÷åôéêÜ ìå ôïí ôñüðï äçìéïõñãßáò áíôéãñÜöùí áóöáëåßáò êáé åðáíáöïñÜò ôïõ ìçôñþïõ, êÜíôå êëéê óôïí áñéèìü ôïõ Üñèñïõ ðáñáêÜôù ãéá íá ðñïâÜëåôå ôï Üñèñï ôçò ÃíùóéáêÞò âÜóçò ôçò Microsoft:

1. ÎåêéíÞóôå ôïí ÅðåîåñãáóôÞ Ìçôñþïõ (Registry Editor). To do so, clickStartÊÜíôå êëéêÅêôÝëåóçTYPERegeditÓôïOpenðëáßóéï êáé óôç óõíÝ÷åéá êÜíôå êëéêOk.
2. Åíôïðßóôå êáé, óôç óõíÝ÷åéá, êÜíôå êëéê óôï áêüëïõèï äåõôåñåýïí êëåéäß ìçôñþïõ:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
3. Óôï äéáêïìéóôÞÅðåîåñãáóôåßôå ôç äéáäñïìÞìåíïý, óçìåßïÍÝá, êáé óôç óõíÝ÷åéá êÜíôå êëéê óôï êïõìðßÔéìÞ DWORD.
4. TYPERefusePasswordChangeas the registry entry name, and then press ENTER.
5. Óôï äéáêïìéóôÞÅðåîåñãáóôåßôå ôç äéáäñïìÞìåíïý, êÜíôå êëéê óôï êïõìðßÔñïðïðïßçóç (Modify).
6. ÓôïÄåäïìÝíá ôéìÞòbox, type a value of1, êáé óôç óõíÝ÷åéá êÜíôå êëéê óôï êïõìðßOk.
7. Êëåßóôå ôïí ÅðåîåñãáóôÞ Ìçôñþïõ.

ÓÇÌÅÉÙÓÇÃéá íáregistry entry causes the domain controller to refuse password change requests only from workstations or member servers that run Windows NT version 4.0 or later.

If you set theregistry entry to a value of 1, after the workstation or member server first tries to change its machine account password, future attempts to change the password are prevented (by returning a distinct status code). A Windows NT 4.0-based computer will try to change its machine account password again in seven days, and a Windows 2000-based computer will try again in 30 days. If you set theregistry entry to a value of 1, the replication traffic will stop, but not the client traffic. If you set theregistry entry to a value of 1, both client and replication traffic will stop.

If you disable automatic machine account password changes, you can set up two (or more) installations of Windows NT or Windows 2000 on the same computer that use the same machine account. Ãéá íá ôï êÜíåôå áõôü, áêïëïõèÞóôå ôá åîÞò âÞìáôá:

1. Install Windows NT or Windows 2000, and set up the computer as a workgroup member.
2. Disable the automatic machine account password changes. To do so, set the
   DisablePasswordChange
   registry entry in the
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
   registry subkey to a value of 1.
3. ÎåêéíÞóôå ðÜëé ôïí õðïëïãéóôÞ.
4. Set up the machine account on the domain controller by using Server Manager on a Windows NT 4.0 domain controller, or by using Active Directory Users and Computers on a Windows 2000 domain controller.
5. Join the computer to the domain.
6. Perform a second installation of Windows NT or Windows 2000 in a separate directory, and set up the computer as a workgroup member.
7. Repeat steps 2 through 3.

For additional information about the effects of machine account replication and about how to change the frequency of automatic machine account password changes, click the following article number to view the article in the Microsoft Knowledge Base: