How to Break Domain Controller Password without Logging In

October 4th, 2012 by Admin Leave a reply »

Forgot domain administrator password and couldn’t log on your domain controller? This is the most common password problems that many network administrators and system administrators face when dealing with domain controller. Here we’ll show you an easy way to break domain controller password quickly and easily.

Reset Windows Password is the powerful utility which enables you to break domain controller password on Windows Server 2008/2003/2000. This utility works offline, that means you need to shut down your computer and boot off your computer using a CD or USB stick.

How this software works?

Windows Active Directory stores the domain user passwords and other account information in a file called NTDS.dit. This file can be usually found in:\windows\ntds. This file is a part of Active Directory database and remains inaccessible as long as the domain controller is running. Hence, it is necessary that you boot off your computer and access this NTDS.dit file via the boot disk. This tool intelligently gains access to this file and will reset/change the password associated with administrator or any other domain user account.

How to break domain controller password without logging in?

The steps involves burning a Live CD on another accessible computer, and then boot up your domain controller with the Live CD so you can break domain controller without even logging in.

  1. Download the Reset Windows Password utility. Unzip the download file and you’ll get a ResetWindowsPwd.iso file.
  2. Burn the ISO image file to a blank CD using any burning program (we recommend BurnCDCC) that can burn ISO images.
  3. After you have the Live CD, bring it to boot off your domain controller whose password you want to break. You’ll see that the computer will load some files inside the Live CD and launch the Reset Windows Password utility.
  4. Click on the Reset Active Directory Password option, then choose the Active Directory ntds.dit database file from the drop-down list. It will display the domain user accounts and you can find which account is password-protected, locked out or disabled.
  5. Choose a user account and then click on the Reset Password button, it will break your domain account and change the forgotten/unknown password to a new one: Password123.
  6. Now remove the Live CD and restart the computer, you can then log in to your domain user account with the new password.

With the Live CD you can also use it to reset local admin/user passwords on Windows Server 2008/2003/2000 and Windows 8/7/Vista/XP. It’s a must-have Live CD for network administrators and system administrators.