Archive for the ‘Active Directory Password’ category

Learn the Basics of Directory Services Restore Mode

June 20th, 2013 by Admin

Directory Services Restore Mode (DSRM) is a special boot option similar to Safe Mode in Windows. But this mode is only applicable to Windows Server domain controllers and it is used to restore or repair an Active Directory database. If there is a need to repair or restore Active Directory database, DSRM has to be used. Restarting in Directory Services Restore Mode takes the domain controller offline, meaning it functions as a regular server, not as a domain controller.

Boot into Directory Services Restore Mode

If you have physical access to a domain controller, you can access the Directory Services Restore Mode easily. Simply turn on or restart the computer and press F8 prior to the machine booting into Windows, the system will display the Advanced Boot Options.

dsrm

Choose the Directory Services Restore Mode from the menu and press Enter. The server will then boot into Directory Services Restore Mode.

Directory Services Restore Mode Password

Generally when you run the DCPROMO command to promote an individual server to a domain controller, the install wizard will prompt you to set a Directory Services Restore Mode password. This password is actually for the built-in local administrator account. In order to boot into Directory Services Restore Mode, you need to use the local administrator account along with the DSRM password to get past the Windows logon screen.

It is very important to know what the DSRM password is. The DSRM password provides the administrator with a back door to boot into Directory Services Restore Mode for performing maintenance and recovery tasks. This account is often forgotten by most AD administrators, which results in a significant security risk. If exploited, this security risk can cause high impact.

The DSRM password should be changed on a regular basis. Because the DSRM password can be used to log on in Directory Services Restore Mode, and in this mode the tasks that can be performed are significant, an exploit of the DSRM account can be extremely detrimental to your AD DS forest.

But what to do if you forgot the DSRM password? In the event a DSRM password is forgotten, you can change or reset it easily by using the tricks described in this article: How to Change or Reset DSRM Administrator Password.

Forgot the Administrator Password on Windows Server 2012? How to Unlock Your Computer?

June 6th, 2013 by Admin

So I did something really stupid, forgot the admin password to my server running Windows Server 2012. I so rarely shut down and have to log in because my server is running 24/7 that when I lost power and had to log back in, I couldn’t remember my password. Is there any way to reset the password so I can unlock my server without having to reinstall the entire OS?

Forgot the administrator password on Windows Server 2012? It’s really a headache thing when you get locked out of your computer, especially there are important data stored on it, which stops you reinstalling the operating system. In this tutorial we’ll walk you through how to reset your forgotten administrator password on Windows Server 2012. Quickly unlock your server PC without losing your files. This might save you the days and days of reinstalling and reconfiguring all the software or services.

How to Unlock Windows Server 2012 When You Forgot the Administrator Password?

  1. First of all, you need to create a Live CD (or USB flash drive) on another PC that you can access. Download the ZIP archive of Reset Windows Password utility and save it on your desktop.
  2. Open the ZIP file and extract it to a folder on your desktop. Within that folder, you’ll find a file called ResetWindowsPwd.iso. Burn the ISO image onto an empty CD using ISO2Disc, BurnCDCC or other ISO burning software.
  3. Place the Live CD into the CD drive of your locked Windows Server 2012 PC. Turn on the computer and get it to boot from the Live CD instead of the hard drive. If the server still boots from hard drive, you need to change the boot order to CD/DVD-ROM in BIOS.
  4. After successfully booting from the Live CD, the computer will open up the Reset Windows Password program after a few minutes. The program automatically searches the Windows SAM registry hive for your Windows Server 2012 installation, and then display all of local user accounts on your PC.

    If you’ve forgotten the domain administrator password, you need to click on Reset Active Directory Password option. The program will display a list of Active Directory user accounts existing on your domain controller (DC).

  5. Choose the administrator account and then click on “Reset Password” button. It will reset your Windows Server 2012 administrator password, as well as unlocking the administrator account if it is locked out, disabled or expired.
  6. Restart the server and remove the Live CD. When the system boots to the login screen, you can successfully log back into your Windows Server 2012 administrator account. It’s that easy!

That’s all there is to it. Forgot your administrator password and get locked out of Windows Server 2012? Follow the steps above you can unlock Windows Server 2012 administrator password quickly and easily! This method also works with Windows Server 2008, 2003 and 2000.

How to Reset Windows 2003 Domain Administrator Password After Forgotten

May 27th, 2013 by Admin

I am trying get an unused Windows 2003 server up and running, it booted fine but I was greeted with the login window and none of the known passwords seem to work. The server I am trying to get to work is a domain controller and has not been used in a long time. How to recover or reset the forgotten domain administrator password?

Have you forgotten your domain administrator password? Do you need to reset the password in Windows Server 2003 Active Directory? Don’t worry, it happens to the best of us and you are not alone. In this article we’ll explain how to easily reset Windows 2003 domain administrator password after forgotten. This requires you to gain physical access to the domain controller that you are locked out of.

How to Reset Windows 2003 Domain Administrator Password After Forgotten?

Step #1: Download the Reset Windows Password package and save it on any computer which you can log on as administrator. extract the ResetWindowsPwd.zip file and it contains an ISO image file. Burn the ISO file to a CD or USB flash drive using ISO2Disc utility.

Step #2: Now start the Windows 2003 system which you want to reset the domain admin password by putting the CD or the USB in the computer. While start up you have to make sure that it boots up from the correct device i.e. from the CD or the USB. In order to do this go to your BIOS settings and change the boot order as CD or USB drive as the first option. Or if you know the Boot menu key then press it and boot from the correct device.

Step #3: After booting from the CD or the USB, the Reset Windows Password program will launch after one or two minutes. Click on the “Reset Active Directory Password” option, it automatically searches your 2003 Active Directory database and shows you a list of domain user accounts.

Step #4: Choose the domain administrator account from the list, and then click on “Reset Password” button. It will unlock/reset your forgotten Windows 2003 domain administrator password in no time.

Step #5: Now restart the computer and remove the CD/USB drive. When you reach the Windows 2003 login screen, you can log in to the domain administrator account using the new password: Password123. It’s so easy!

Conclusion

So this is how can you reset lost Windows 2003 domain administrator password. You can also use the CD/USB drive you’ve created above to reset forgotten local administrator password on Windows 2003. Enjoy it!

How to Reset Windows 2008 Administrator Password with Ease

May 9th, 2013 by Admin

I installed Windows Server 2008 a while back, but have forgotten my administrator password. I tried all password combinations I could think of, but nothing worked. So being distraught, how can I reset the forgotten administrator password without reinstalling?

Forgot your Windows 2008 administrator password? Is there a way out to reset lost AD password on a Windows 2008 server? Although there is one useful way to hack Windows password with a free Linux Live CD. However, you will be out of luck if you’ve set up a complicated password. It also doesn’t support password resetting for domain user accounts. If you don’t prefer that method, there is another simple method to reset Windows 2008 administrator password by creating a WinPE password reset bootdisk.

Reset Windows Password utility is such a WinPE password reset bootdisk that enables you to reset both local administrator password and domain administrator password on Windows 2008 server. It exists of an ISO image that needs to be burned to a CD or placed on a bootable USB drive. Afterwards, you boot from that CD to reset Windows 2008 administrator password with ease. Here are the step-by-step instructions.

How to Reset Windows 2008 Administrator Password with Ease?

Step #1: First of all you’ll have to download Reset Windows Password utility on another computer. Once the download is complete, unzip the download file and you’ll get the WinPE ISO image: ResetWindowsPwd.iso. Burn it to a blank CD using a image burning software like ISO2Disc or ImgBurn.

Step #2: Now when ever you forget or lose your Windows 2008 Administrator Password. On system restart, insert the burned disc into your CD/DVD-ROM. Make sure you have set the boot sequence to CD first.

Step #3: Once your computer boots from the CD, it will start the Reset Windows Password program soon after the booting procedure is complete. You’ll see two recovery modes available on the screen.

  • Reset Local Admin/User Password
  • Reset Active Directory Password

By default, the first option will be chosen and the program will display a list of Windows local user accounts inside your Windows SAM database. This option is designed for you to reset Windows 2008 local administrator password.

If your computer is domain controller and you’re going to reset Windows 2008 domain administrator password, choose the second option. It will display all your Active Directory user accounts inside ntds.dit (ntds.dit is the main Active Directory database file).

Step #4: Choose the local administrator account or domain administrator account, and then click on “Reset Password” button. Confirm your operation and the program will change/reset your Windows 2008 administrator password immediately.

Step #5: Now you can take the bootable CD out from the CD/DVD drive and start booting into Windows 2008. Type in the new password at the Windows login screen, you can then successfully logged back on your Windows 2008 server with administrator account.

So that is how can you reset Windows 2008 administrator password. Quickly and easily regain access to your server once you’ve lost or forgotten your administrator password. By following the same steps above, you can also reset forgotten administrator password on Windows 2012, 2003 and 2000 server. Enjoy it!

Windows 2003 Domain Administrator Password Recovery

May 6th, 2013 by Admin

I’ve forgotten the domain administrator password on my Windows Server 2003. I’ve tried the SRVANY trick but after rebooting 3 times into Directory Service Restore mode and tweaking the settings, I have not been able to log-in successfully. So, I’m not having much luck. I also saw a reference to Ophcrack, but it doesn’t support Windows Server 2003. How can I recover or change my forgotten domain admin password?

Forgot Windows 2003 domain administrator password? It happens with many peoples especially those who constantly change passwords or haven’t logged on their server for a long time. In this tutorial I will teach you a step by step procedure on how to create a Live CD and then use it to change Windows 2003 domain administrator password. Immediately recover access to your server without data loss!

Windows 2003 Domain Administrator Password Recovery

In this tutorial we’ll talk about a program called Reset Windows Password, which is a handy recovery utility that runs from a Live CD or USB drive. Its most common use is to reset Windows local user password you’ve forgotten but it also allows you to change domain administrator password on Windows Server 2012/2008/2003/2000. Let’s see how can you use it to recover Windows 2003 domain administrator password easily!

Step #1: First of all you’ll have to download Reset Windows Password utility on another computer. Once the Live CD ISO is downloaded, burn it on a blank CD using ISO image burning software like ISO2Disc or ImgBurn.

Step #2: Now turn on your Windows 2003 Server you want to recover the domain administrator password of, insert the burned disc into your CD/DVD-ROM. Make sure you have set the boot sequence to CD-ROM first. If not, go to BIOS and set the boot sequence accordingly.

Step #3: Once the Live CD loads it will automatically start the Reset Windows Password program. Click on the “Reset Active Directory Password” option, the program will decrypt the Active Directory database (ntds.dit) and show you a list of domain user accounts existing on your Windows 2003 server.

Step #4: Choose the domain administrator account and then click on “Reset Password” button. Confirm your operation and the program will change your forgotten domain administrator password to Password123.

Step #5: Now you can take the Live CD out from the CD/DVD drive and start booting into Windows 2003. Type in the new password at the Windows logon screen, you can then successfully logged back into your domain administrator user account.

So that was how you can easily recover access to your Windows 2003 server after forgetting domain administrator password. This method will not recover your original password but it resets the password, so you can use it to unlock lost Windows 2003 server quickly, no matter how complex or strong your domain administrator password may be. The procedure of Windows 2003 domain administrator password recovery is instant and easy!

Lost Administrator Password for Windows 2003 Server

March 12th, 2013 by Admin

I am trying get an unused server up and running, it booted fine but I was greeted with the login window and none of the known passwords seem to work. The server I am trying to get to work is not a Domain Controller and has not been used in a long time. How do I access Windows server 2003 without formatting the hard drive?

Lost administrator password of a Windows 2003 server machine which is rarely used? Is there any way to make the system up and running without needing to reinstall the system? There is a powerful rescue utility called Password Recovery Bundle, which enables you to create a Live CD/USB that could be used to reset lost or forgotten password for both local administrator and domain administrator on Windows 2003 server. Here we’ll guide you directly through all the steps involved in resetting lost administrator password for Windows 2003 server.

How to Reset Lost Administrator Password for Windows 2003 Server?

  1. Download and install Password Recovery Bundle on another computer that you can log in.
  2. Put a blank CD in the CD drive in order to create a Live CD.
  3. Launch Password Recovery Bundle and click on Windows Password button, it will display the ISO burning dialog.

  4. Choose the CD you’ve plugged in and then click on Start Burn button to create a Live CD.
  5. After you have the Live CD, put it into the CD drive of your Windows 2003 server that needs a password reset.
  6. Turn on the server and have it boot from the Live CD. You may need to go into BIOS and set CD/DVD as the first boot device.
  7. After booting from the Live CD, it will load the Windows PE operating system inside the Live CD and start the Reset Windows Password program.

  8. By default, the program will display a list of local user accounts existing in your Windows SAM registry hive. If your server is a domain controller and you want to reset lost domain administrator password, please choose the Reset Active Directory Password option, the program will show your domain user accounts existing in the Active Directory database (ntds.dit).
  9. Choose the administrator account from the list, then click on Reset Password button, the program will reset your lost administrator password immediately.

The last step is to remove the Live CD and restart the server. You can then log into the administrator account of your Windows 2003 server. It’s simple as that! The Live CD could also be used to reset lost administrator password on Windows 2012/2008/2000 server.

How to Change or Reset DSRM Administrator Password

February 28th, 2013 by Admin

DSRM (Directory Services Restore Mode) is a boot mode on a domain controller for repairing and restoring Active Directory data. To boot your computer into DSRM mode, you need to know the DSRM administrator password, which is set during the process of promoting member server to a domain controller. There’s a chance you could forget your DSRM administrator password because it’s so rarely used. In this tutorial we’re going to explain how to change or reset the DSRM administrator password on Windows Server 2012/2008/2003 and 2000.

Change or Reset the DSRM Administrator Password

If you can log on domain controller using the domain administrator account, you can use the NT Directory Services utility (Ntdsutil.exe) to change the DSRM administrator password. To do so, follow these steps:

  1. Log on to the domain controller using an account with administrative rights.
  2. Go to Start | Run, type cmd, and press [Enter].
  3. At the command prompt, type cd %SystemRoot%\System32,and press [Enter].
  4. Type ntdsutil, and press [Enter].
  5. Type set dsrm password, and press [Enter].
  6. At the DSRM command prompt, you can reset the password for either the server on which you’re working or for another server. For the former, type reset password on server null, and enter the new password when prompted. (No characters will appear when you type the password.)
    To reset the password for another server, type reset password on server <servername> (where <servername> is the DNS name for the server in question), and enter the new password when prompted. (No characters will appear when you type the password.)
  7. At the DSRM command prompt, type q to exit.
  8. At the Ntdsutil command prompt, type q to exit the utility and return to the command prompt.

Couldn’t Login to Domain Controller?

If you can’t log into domain controller, the trick mentioned above doesn’t work any more! Fortunately there is a professional Windows password cracking utility – Reset Windows Password, which allows you to reset DSRM password easily. Just follow these steps:

  1. You need an alternative computer with internet access to download the Reset Windows Password utility.
  2. Unzip the download file, you’ll get the ResetWindowsPwd.iso file.
  3. Burn the ISO image file to a CD or USB thumb drive using the ISO2Disc tool.
  4. Insert your newly burned CD/USB drive into the domain controller and turn on the computer. Get into the BIOS and change the boot order to set the computer to boot from CD/USB.
  5. Once you’ve gotten it to boot from the CD/USB, the computer will load the system inside the CD/USB drive and launch the Reset Windows Password utility.

    Reset Windows Password

  6. Click on the Reset Local Admin/User Password option, you’ll see the Windows SAM database and local user accounts.
  7. Choose the local administrator account and click on the Reset Password button.
  8. It will remove your forgotten DSRM administrator password immediately.

The DSRM administrator password is a tremendously powerful password, and you should change it at regular intervals, along with all of your other administrative account passwords.