Forgot domain user password? You will be suggested to use Ophcrack or Offline NT Password & Registry Editor to reset your forgotten domain user password on various forums. But actually these tools don’t work for your situation. Ophcrack and Offline NT Password & Registry Editor are designed to recover / reset the local administrator/users passwords stored in Windows SAM (Security Accounts Manager) file, and they couldn’t be used to reset domain user passwords. Actually, domain user passwords are encoded using a much stronger encryption algorithm and they are stored in a new location: ntds.dit, which is the Active Directory database file.
There are few tools and tricks available on the internet which can be used to deal with forgotten domain user password. So here I’m going to show you an easy way to reset domain user password on Windows Server 2008, 2003 and 2000 domain controller.
How to Reset Domain User Password?
- First you need to download Password Recovery Bundle program on another computer. After installing and running the program, click the Windows Password button, which allows you to create a domain password reset disk in 3 steps. Insert a blank CD/DVD or USB drive into the computer and click Start Burn to create such a disk.
- Insert the domain password reset disk you’ve created into the computer with a forgotten domain user password. Turn on the computer and hold down F2 or whatever the setup key is shown as during the initial boot screen. This should bring up the BIOS.
- In the BIOS look for the Boot Device Priority option, set CD/DVD as the 1st boot device if you want to boot from CD. You can either set Removable Device as the 1st boot device if you want to boot off USB drive. Save your changes.
- Restart the computer and now it will boot from the domain password reset disk. After one or two minutes the disk will launch the Reset Windows Password utility.
- Choose the Reset Active Directory Password option, it will display a list of domain user accounts inside the ntds.dit file.
- Choose a domain user account and then click Reset Password button. The program will change your domain user password to Password123 by default.
- Now remove the domain password reset disk and restart the computer, you can then quickly log on to your domain controller with the new password.
This method works even if you forgot the domain administrator password or your domain user account is locked out or disable. Easily regain access to your server without reinstalling.