Posts Tagged ‘ntds.dit’

How to Break Domain Controller Password without Logging In

October 4th, 2012 by Admin

Forgot domain administrator password and couldn’t log on your domain controller? This is the most common password problems that many network administrators and system administrators face when dealing with domain controller. Here we’ll show you an easy way to break domain controller password quickly and easily.

Reset Windows Password is the powerful utility which enables you to break domain controller password on Windows Server 2008/2003/2000. This utility works offline, that means you need to shut down your computer and boot off your computer using a CD or USB stick.

How this software works?

Windows Active Directory stores the domain user passwords and other account information in a file called NTDS.dit. This file can be usually found in:\windows\ntds. This file is a part of Active Directory database and remains inaccessible as long as the domain controller is running. Hence, it is necessary that you boot off your computer and access this NTDS.dit file via the boot disk. This tool intelligently gains access to this file and will reset/change the password associated with administrator or any other domain user account.

How to break domain controller password without logging in?

The steps involves burning a Live CD on another accessible computer, and then boot up your domain controller with the Live CD so you can break domain controller without even logging in.

  1. Download the Reset Windows Password utility. Unzip the download file and you’ll get a ResetWindowsPwd.iso file.
  2. Burn the ISO image file to a blank CD using any burning program (we recommend BurnCDCC) that can burn ISO images.
  3. After you have the Live CD, bring it to boot off your domain controller whose password you want to break. You’ll see that the computer will load some files inside the Live CD and launch the Reset Windows Password utility.
  4. Click on the Reset Active Directory Password option, then choose the Active Directory ntds.dit database file from the drop-down list. It will display the domain user accounts and you can find which account is password-protected, locked out or disabled.
  5. Choose a user account and then click on the Reset Password button, it will break your domain account and change the forgotten/unknown password to a new one: Password123.
  6. Now remove the Live CD and restart the computer, you can then log in to your domain user account with the new password.

With the Live CD you can also use it to reset local admin/user passwords on Windows Server 2008/2003/2000 and Windows 8/7/Vista/XP. It’s a must-have Live CD for network administrators and system administrators.

How to Recover Active Directory Password with A Live CD

September 29th, 2012 by Admin

Forgot Active Directory password is one of the most annoying thing for network administrators in medium to large organizations. If the domain controller is very important for your company, then you have to find some other ways to recover Active Directory password than formatting and reinstalling the server. There are many excellent Windows password recovery software available on the internet, but none of them are able to recover Active Directory password.

Active Directory password is encrypted and stored in the NTDS.dit database. Once you’ve forgotten the password, you have no access to all your computer files. So we need to create a Live CD and use it to boot your domain controller for performing password recovery. Password Recovery Bundle is the only software you need in this tutorial.

How to Recover Active Directory Password with A Live CD?

  1. Download and install Password Recovery Bundle on another computer that you can log in.
  2. Prepare a blank CD and insert it into the computer.
  3. Launch Password Recovery Bundle and click on Windows Password button, it will display the ISO burning dialog.

  4. Choose your CD you’ve plugged in and then click on Start Burn button to create a Live CD.
  5. After you have the Live CD, put it into the CD drive of your domain controller whose password you want to recover.
  6. Turn on the domain controller and have it boot from the Live CD. You may need to go into BIOS and set CD/DVD as the first boot device.
  7. After booting from the Live CD, it will load the Windows PE operating system inside the Live CD and start the Reset Windows Password program.

  8. Choose the Active Directory NTDS.dit database, it will display a list of domain user accounts inside the NTDS.dit database.
  9. Choose a domain user account from the list, then click on Reset Password button, the program will replace the forgotten/unknown password with a new password: Password123.

Remove the Live CD and restart the domain controller, you can then log in to your Active Directory user account and recover access to all data and files on your domain controller. The Active Directory password recovery procedure is simple and fast! No need to spend a lot of time to rebuild your server.