Risk and consequence when executing Kerberos password reset in a Hybrid Azure AD - OnPremise AD DS?

EnterpriseArchitect 4,761 Reputation points
2024-04-24T12:19:23.93+00:00

What are the risks and consequences of resetting the Kerberos krbtgt account during business hours using the steps defined below?

https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/forest-recovery-guide/ad-forest-recovery-reset-the-krbtgt-password

or is it better with this script: https://github.com/zjorz/Public-AD-Scripts/blob/5666e5fcafd933c3288a47944cd6fb289dde54a1/Reset-KrbTgt-Password-For-RWDCs-And-RODCs.ps1

I am using Hybrid AD DS synched with Azure AD connect with Password Hash Synchronization.

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,899 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,381 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,082 questions
0 comments