Method 1
This procedure is useful for recovering the password of the original Administrator account, which emulates TrustedInstaller and has full access to the local Windows installation instance. Hackers have been known to use this method to gain access to a Windows system if console or physical access has been breached.
 
Start > Run > NTDSUTIL, then enter:
    set dsrm password
    reset password on server DC01
Method 2

Note: this has been tested on Windows 2012 to recover the Administrator password.

  • Important: boot from the Microsoft Windows Server 2012 DVD, not from the local hard drive where the existing OS resides.
  • From the Windows Setup menu, click “Next”.
  • Select “Repair your computer”.
  • Under Choose an option, click on “Troubleshoot”.
  • Under Advanced options, click “Command Prompt”.
  • At the command prompt, run the following commands (assuming c: is the existing hard drive and x: is the CD mount):
    c:
    cd windows\system32
    ren Utilman.exe Utilman.exe.old
    copy cmd.exe Utilman.exe
  • Close the command prompt and then click “Continue”.
  • The server should now boot and present the logon screen. At the logon screen, press the Windows + U key combination; because Utilman.exe is now a copy of cmd.exe, this opens a command prompt.
  • At the prompt you can now change the password by typing the following command:
    net user administrator PASSWORD
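
Method 2 leaves a copy of cmd.exe in place as Utilman.exe, which is the same state an intruder with console access would create, so it is worth checking servers for it. The following PowerShell check is an added example, not part of the original procedure; the function name `Test-UtilmanTampering` and its output property names are hypothetical, and it assumes PowerShell 4.0 or later.

```powershell
# Added example, not from the original page. Needs PowerShell 4.0+ (Get-FileHash);
# run from a 64-bit session so System32 is not redirected to SysWOW64.
function Test-UtilmanTampering {   # hypothetical function name
    param(
        # Assumption: default system root; point this at an offline mount to check a disk image.
        [string]$System32 = (Join-Path $env:SystemRoot 'System32')
    )
    $utilman = Join-Path $System32 'Utilman.exe'
    $cmd     = Join-Path $System32 'cmd.exe'
    $backup  = Join-Path $System32 'Utilman.exe.old'   # backup name used in Method 2
    $findings = @()

    if (-not (Test-Path -LiteralPath $utilman)) {
        $findings += 'Utilman.exe is missing'
    }
    else {
        # A straight "copy cmd.exe Utilman.exe" yields identical SHA-256 hashes.
        $utilHash = (Get-FileHash -LiteralPath $utilman -Algorithm SHA256).Hash
        $cmdHash  = (Get-FileHash -LiteralPath $cmd -Algorithm SHA256).Hash
        if ($utilHash -eq $cmdHash) {
            $findings += 'Utilman.exe is byte-identical to cmd.exe'
        }
        # The version resource survives the copy, so this also catches a cmd.exe
        # taken from a different build whose hash would not match the local one.
        $original = (Get-Item -LiteralPath $utilman).VersionInfo.OriginalFilename
        if ($original -match '^cmd\.exe') {
            $findings += "Version resource names the file '$original'"
        }
    }
    if (Test-Path -LiteralPath $backup) {
        $findings += 'Utilman.exe.old is present, so Utilman.exe was renamed at some point'
    }

    [pscustomobject]@{
        Path       = $utilman
        Suspicious = ($findings.Count -gt 0)
        Findings   = $findings
    }
}

Test-UtilmanTampering | Format-List
```

If the swap shows up after a legitimate recovery, restoring the original binary from Utilman.exe.old reverses it.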
Administrator Pitfalls to Avoid
Active Directory:
  • Do not restore an Active Directory domain controller from a VMware or AWS snapshot. The numbered version control of a restored machine will cause havoc in the system.
  • When restoring a domain controller, use the non-authoritative restore mode so that it can backfill using updates from other domain controllers.
  • Always make a backup of your domain controller prior to any modification of its registry.