How to Reset Forgotten Directory Services Restore Mode Password in Active Directory

September 29, 2012 updated by Admin Leave a reply »

Certain tasks in Active Directory require that you start the domain controller without Active Directory running. These include restoring the database from backup, moving the database, and performing an offline defragmentation of the database. When you start the domain controller and Active Directory is not running, you must log on as the Directory Services Restore Mode (DSRM) account. The password for this account is set when you install Active Directory. The problem is, many people set this password weeks or months ago, and when it comes time to use it, they can’t remember what it is. Does this sound familiar?

Here we’ll show you an easy way to reset forgotten Directory Services Restore Mode password in Active Directory 2008/2003/2000. Reset Windows Password utility can run on a CD or USB flash drive and help you remove Directory Services Restore Mode password without logging in to Active Directory.

How to Reset Forgotten Directory Services Restore Mode Password in Active Directory?

  1. Download the Reset Windows Password utility. Unzip the download file and you’ll get a ResetWindowsPwd.iso file.
  2. Burn the ISO image file to a blank CD using any burning program (we recommend BurnCDCC) that can burn ISO images.
  3. After you have the Live CD, bring it to boot off your domain controller whose password you want to reset. You’ll see that the computer will load some files inside the Live CD and launch the Reset Windows Password utility.

  4. Click on the Reset Local Admin/User Password option, then choose the Windows SAM database from the drop-down list. It will display the local user accounts and you can find which account is password-protected.
  5. Choose the administrator account and then click on the Reset Password button, it will blank your Directory Services Restore Mode password immediately.
  6. Now remove the Live CD and restart the computer, you can then log in to the Directory Services Restore Mode (DSRM) account with a blank password.

As it’s shown in the steps above, you can also click the Reset Active Directory Password option to unlock your domain user password if you forgot domain admin/user password.