No announcement yet.

2003 AD Administrator Password Gone

  • Filter
  • Time
  • Show
Clear All
new posts

  • 2003 AD Administrator Password Gone

    Hi. I'm in a bad way, and I could use help. You see, a cousin several states away died suddenly of a heart attack. Sadly, he didn't leave his admin password in escrow, and so, I have been called upon to crack his account by our family. He owned the server, and so on.

    I have an assistant in the state (eg, several hundred miles away), who is somewhat capable of following typed commands. We have, using ophcrack, determined the Directory Services Restore Mode password, and logged onto the server in said mode.

    Then, we ran this script.
    Then we set the Pwreset service to log on as a Local System account, and allow the system to interact with desktop.

    The password of the Administrator account was not reset.

    Should it be set to log on as 'this account'? What account should this account be?

    We really need to get in, as we need to reset this guy's password, so we can get into his files and so on, to get his business running again.

    Any help would be appreciated, cause I'm straight out of ideas, here.

  • #2
    Re: 2003 AD Administrator Password Gone

    If the server is using standard IDE or SATA drives in a non-RAID configuration, you could pull the drive(s) and mount as slave(s) in another machine to get at the files (assuming no disk or file encryption was used).


    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.


    • #3
      Re: 2003 AD Administrator Password Gone

      We can get at the files, generally. The problem is more a matter of trying to get to this guy's account. (we need to unlock Admin to change his password so his wife can get on and check his e-mail, etcetera, etcetera)