Posts Tagged ‘windows server 2008’

Forgot Domain Administrator Password on Windows Server 2008

January 10th, 2013 by Admin

We are taking over a new company and nobody knows the administrator password to log on the Windows Server 2008 domain controller, we try with few users to see if they were administrator in the domain with no luck. no way to contact the person that set it up. Is there a way that we can change or reset the password? Thanks in advance.

I think it is a fairly common occurrence these days that IT Administrators forget the password of a domain controller after they have got back from a vacation or there has just been a situation where the previous system admin has left without leaving the server password.

There are lot of different Windows password recovery utilities that are available on the web. Some open source and some paid ones and it can get a bit confusing when deciding which one to go with.

There is one utility that you can rely on and believe it works on all Windows Server OS, including Windows Server 2012/2008/2003/2000. This is called Reset Windows Password. Once you have downloaded the ISO image, burn it on a CD and then boot the server of it. Resetting forgotten domain administrator password for a domain controller is a 2-step procedure.

How to Reset Forgotten Domain Administrator Password on Windows Server 2008?

First, you will need to download the Reset Windows Password utility on any PC that you can access. This can be your work PC, or a friend or your co-worker’s computer. After the download is complete, unzip the download file and you’ll get the ResetWindowsPwd.iso file.

Burn the ResetWindowsPwd.iso file to a CD using your preferred CD Burning software. If you don’t have one, you can use the freeware such as ImgBurn or ISO2Disc. If your domain controller doesn’t come with a CD/DVD-ROM, you can choose to burn the ISO image to a USB flash drive using ISO2Disc.

Put the CD into the CD drive of your domain controller, then change the boot order in BIOS to set the computer to boot from CD. Once the computer has booted, it will load the OS inside the CD drive and launch the Reset Windows Password utility.

Choose the Reset Active Directory Password option, the program will locate the ntds.dit file which is used to stored domain user login details on your domain controller.

Choose the domain administrator account and then click on Reset Password button, the program will change the forgotten/unknown password to Password123 by default, and also unlock/enable the account in case it is locked out or disabled.

The last step is remove the CD and restart the domain controller, you’ll be able to log in to your Windows Server 2008 using the domain administrator account. This is it!! You have successfully hacked your own server.

How to Backup Windows Server 2008 Active Directory

October 19th, 2012 by Admin

Backing up Active Directory is essential to maintain an Active Directory database. A system state backup is particularly important for disaster recovery purpose in case of a accidental corruption or deletion of Active Directory objects. Since Windows Server 2008, you won’t find the well-known ntbackup.exe, the native backup tool in previous Windows versions. Instead, you use Windows Server Backup, the new native backup solution, which is available as an installation option in all versions of Server 2008.

Tips: If you forgot domain administrator password in Active Directory and can’t log on the domain controller, you can reset/unlock any domain user account passwords easily with Reset Windows Password utility.

In this tutorial we’re going to demonstrate the steps of backing up Windows Server 2008 Active Directory. To get started, you need to install Windows Server Backup from the Server Manager, so you can then use it to perform a system state backup.

Part 1: Install Windows Server Backup

  1. Go to Start menu, and then select Administrative Tools, click on Server Manger.
  2. Under Server Manager window, click on the Add Features link from the features summary section.
  3. Select the Windows Server Backup Features, and then click on Next. The Command-line Tools allows you to perform a DC backup and recovery from the command line.
  4. Click on Install to complete the installation.

Part 2: Backup Windows Server 2008 Active Directory

Now that we have Windows Server Backup installed lets perform our first backup of Active Directory in Windows Server 2008.

  1. Go to Start menu, and then select Administrative Tools, click on Windows Server Backup.
  2. Select the Backup Once option to perform an immediate backup as illustrated in the screen below.
  3. It will bring up the Backup Once Wizard, select Different Options and then click Next.
  4. If you want to perform a full backup of your server, click on the Full server option. Now we’re going to perform a system state backup, so we choose the Custom option.
  5. In the next window, you can customize the items you want to backup.
  6. Click on Add Items button, check the System state option from the list. You can also choose to backup the entire NTFS volume on your computer.
  7. Specify the destination type for your backup. A system-state backup can’t be performed directly to a network share so we have to choose the Local drives.
  8. Next select a volume to store the backup. Windows Server Backup requires you to provide a separate target volume for the backup data. In single-volume server, you may need to shrink the existing partition to create a volume dedicated solely to backup data.
  9. In the next window, confirm the options you have selected and then click on Backup.

If you want to script the backup process, or if you are backing up a server on a Server Core installation, you can use the WBADMIN.EXE command-line program. WBADMIN provides a complete set of options that perform essentially the same functions as the MMC snap-in, including performing a system state backup.

How to Reset Lost 2008 Active Directory Admin Password

October 11th, 2012 by Admin

We have a few customers, who have forgot their AD Administrator password on their Windows 2008 server. Is there really any way to recover it? I know it’s possible to reset your Windows 7, XP and Vista password. But is it possible to get the AD administrator password on a 2008 server? I hope we can avoid a re-install. Cheers.

Lost or forgot the administrator password on Active Directory 2008? There isn’t any efficient way to recover the password as Active Directory encrypts the password using some very strong encryption algorithms. But you can reset or replace the forgotten password easily. Today’s tutorial will be covering a technique that will allow you to reset your lost 2008 Active Directory Administrator Password.

How to Reset Lost 2008 Active Directory Admin Password?

  1. Download and install Password Recovery Bundle on another computer that you can log in.
  2. Prepare a blank CD and insert it into the computer.
  3. Launch Password Recovery Bundle and click on Windows Password button, it will display the ISO burning dialog.

  4. Choose your CD you’ve plugged in and then click on Start Burn button to create a Live CD.
  5. After you have the Live CD, put it into the CD drive of your Active Directory server whose password you want to reset.
  6. Turn on the Active Directory server and have it boot from the Live CD. You may need to go into BIOS and set CD/DVD as the first boot device.
  7. After booting from the Live CD, it will load the Windows PE operating system inside the Live CD and start the Reset Windows Password program.

  8. Choose the Active Directory NTDS.dit database, it will display a list of domain user accounts inside the NTDS.dit database.
  9. Choose the administrator account from the list, then click on Reset Password button, the program will replace the forgotten/unknown administrator password with a new password: Password123.

Take out the Live CD and reboot the Windows 2008 server, you can then log in to your domain administrator account with your new password. With the Live CD you can also reset lost admin password on Windows 8, 7, Vista, XP.

How To Install Active Directory on Windows Server 2008

June 14th, 2012 by Admin

In any small network setup where there are maximum of 15 computers, peer-to-peer network infrastructure is the best solution. However when the number of computers are increased and it becomes practically impossible for the administrators to manage several computers as a peer-to-peer setup, installation of Active Directory Services becomes essential.

In this scenario we are going to install Active Directory fresh with a brand new Domain Controller after a fresh install of Windows Server 2008.

Requirements for Active Directory:

Let’s go through some of the requirements for a fresh install of Active Directory Domain Services. Some of these will be required to be done beforehand, others as noted can be done during the install:

  • Install Windows Server 2008
  • Configure TCP/IP and DNS networking configurations
  • An NTFS partition with enough free space
  • Active Directory requires DNS to be installed in the network. If it is not already installed you can specify DNS server to be installed during the Active Directory Domain Services installation.

Once you verify that these requirements have been met we can get started.

How to Install Active Directory on Windows Server 2008:

Let’s start by installing Active Directory through Server Manager. This is the most straight forward way, as a wizard will guide you through the steps necessary.

1. Start Server Manager.

2. Select Roles in the left pane, then click on Add Roles in the center console.

3. Depending on whether you checked off to skip the Before You Begin page while installing another service, you will now see warning pages telling you to make sure you have strong security, static IP, and latest patches before adding roles to your server.

If you get this page, then just click Next.

4. In the Select Server Roles window we are going to place a check next to Active Directory Domain Services and click Next.

5. The information page on Active Directory Domain Services will give the following warnings, which after reading, you should click Next:

 

6. The Confirm Installation Selections screen will show you some information messages and warn that the server may need to be restarted after installation. Review the information and then click Install.

7. The Installation Results screen will hopefully show Installation Succeeded, and an additional warning about running dcpromo.exe (I think they really want us to run dcpromo). Click Close.

8. After the Installation Wizard closes you will see that Server Manager is showing that Active Directory Domain Services is still not running. This is because we have not run dcpromo yet.

9. Click on the Start button, type dcpromo.exe in the search box and either hit Enter or click on the search result.

10. The Active Directory Domain Services Installation Wizard will now start. There are links to more information if you want to learn a bit more you can follow them or you can go ahead and click Use advanced mode installation and then click Next.

11. The next screen warns about some operating system compatibility with some older clients. Click Next.

12. Next is the Choose Deployment Configuration screen and you can choose to add a domain to an existing forest or create a forest from scratch. Choose Create a new domain in a new forest and click Next.

13. The Name the Forest Root Domain wants you to name the root domain of the forest you are creating.

For the purposes of this test we will create ADExample.com. After typing that go ahead and click Next.

14. The wizard will test to see if that name has been used, after a few seconds you will then be asked for the NetBios name for the domain. In this case I will leave the default in place of ADEXAMPLE, and then click Next.

15. The next screen is the Set Forest Functional Level that allows you to choose the function level of the forest.

Since this is a fresh install and a new forest with no additional prior version domains to worry about I am going to select Windows Server 2008. If you did have other domain controllers at earlier versions or had a need to have Windows 2000 or 2003 domain controllers (because of Exchange for example), then you should select the appropriate function level.

Select Windows Server 2008 and then click Next.

16. Now we come to the Additional Domain Controller Options where you can select to install a DNS server, which is recommended on the first domain controller.

Let’s install the DNS Server by placing a check next to it and clicking Next.

17. You will get a warning window about delegation for this DNS server cannot be created, but since this is the first DNS server you can just click Yes and ignore this warning.

18. Next you can choose to place the files that are necessary for Active Directory, including the Database, Log Files, and SYSVOL.

It is recommended to place the log files and database on a separate volume for performance and recoverability. You can just leave the defaults though and click Next.

19. Now choose a password for Directory Services Restore Mode that is different than the domain password. Type your password and confirm it before hitting Next.

Note: You should use a STRONG password for this and will be warned if it doesn’t meet criteria.

20. Next you will see a summary of all the options you have went through in the wizard.

If you plan on creating more domain controllers with the same settings hit the Export settings … button to save off a text copy of the settings to use in an answer file for a scripted install. After exporting and reviewing settings click on Next.

21. Now the installation will start including the DNS server option if selected. You will notice a box to Reboot on completion that you can check to reboot soon as everything is installed (A reboot is required you can do it manually or use this function to do it automatically).

NOTE: This can be from a few minutes to several hours depending on different factors.

 

When its done you will be notified and required to reboot your PC. That’s all!  Now you have a working installation of Active Directory.

How to Add a Computer to Windows Server 2008 Active Directory Domain?

June 7th, 2012 by Admin

This post is for newbies, for the people who are learning Windows Server and Active Directory administration. Follow below steps for adding a computer or a member server to Windows Server 2008 Active Directory based domain.

  1. Go to Run and type ‘NCPA.CPL’ and launch Network settings.
  2. Configure IP address, Subnet Mask, Gateway IP (if any) and DNS IP address.
  3. Ensure connectivity by pining to DNS server / Domain Controller.
  4. Right click on ‘Computer’ and click on properties. Click on ‘Change Settings’.
  5. Click on ‘Change’ button at System Properties.
  6. Select ‘Domain’ and provide domain name. In this example its ‘training’.
  7. Click OK and provide user name and password of Domain Admin  or any other authorized user name.
  8. Reboot the computer to enable the changes.

If your are getting any errors while adding the computer to domain, there seems to be connection issues with Domain Controller. Go to the AD server and check if it is functioning properly. Also check the DNS IP configuration at the client computer. It should be pointing to the correct AD / DNS server.

If you forgot domain administrator password for your Windows Server 2008 Active Directory, you can easily reset the password using Password Recovery Bundle 2012.