Announcement

Collapse
No announcement yet.

Windows 2008 Server - Lost Domain Admin Password

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Windows 2008 Server - Lost Domain Admin Password

    Hello everyone, (First time poster, long time reader)

    I'll start by saying that I'm posting here because (as usual) Petri.co.il always seems to have the answers. I found this article but the fix didn't work for me:
    http://www.petri.com/reset_domain_admin_password_in_windows_server_2003 _ad.htm

    In my case I'm working on a fully updated (to last week) Windows 2008 Small Business Standard server but I don't think that will matter for the purposes of that article. The Domain account named Administrator has been disabled (as a security precaution) and we've been using the user account BTS (created by copying the Administrator account prior to being disabled).

    I first attempted to apply the fix by hand, following the article verbatim but it didn't work so I followed along and reviewed the purpose, scope, function, and use of the commands used. I went through and thought I had found a silly oversight: I changed "administrator" to "BTS" and rebooted...

    Original registry entries:
    Code:
    name: Application
    type: REG_SZ (string)
    value: d:\temp\cmd.exe
    
    name: AppParameters
    type: REG_SZ (string)
    value: /k net user administrator 123456 /domain
    Modified registry entries:
    Code:
     name: Application
    type: REG_SZ (string)
    value: C:\temp\cmd.exe
    
    name: AppParameters
    type: REG_SZ (string)
    value: /k net user BTS <COMPLEX PASSWORD> /domain

    Attempted to login with <DOMAIN>\BTS and.... no good: incorrect password.
    Attempted to login with <DOMAIN>\Administrator and... account disabled.

    Hmm... now I'm really thinking that something I did was the cause of this mess so I ran the script provided by Robert Strom (with BTS <reboot, attempt login> and then again with Administrator <reboot, attempt login>) without any luck at all.

    Now I'm wondering... is there any way that I can re-enable the <DOMAIN>\Administrator account from the local administrator account?

    Any help or insight would be appreciated. (TIA)

  • #2
    Re: Windows 2008 Server - Lost Domain Admin Password

    So I had an idea shortly after posting the last post:

    Why not run this command using the same technique as we used to reset the password? (srvany, registry entry, etc)

    Code:
    net user administrator /active:yes /domain
    Didn't work... just thought I'd see if that sparked any creative criticisms.

    Comment


    • #3
      Re: Windows 2008 Server - Lost Domain Admin Password

      Moved to Forgot Password forum
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Windows 2008 Server - Lost Domain Admin Password

        Hi
        Did you find out how to crack the thing? Im having the same problem with my sbs2008 server. Have the local admin password, but not the domain admin password and im getting desperate.
        Any help would be appriciatet.
        Kris

        Comment


        • #5
          Re: Windows 2008 Server - Lost Domain Admin Password

          Sorry Krisx, I just landed up doing a reinstall because I reached the point where it was taking more time than I was saving.

          Goes to show that it's a good idea to have a "back-door" account that you can use to get in and reset the main admin account in the event of disaster. Every company that I set up gets a sealed envelope that goes in their fire safe with instructions on how to reset the admin account's password. We call it the 'hit by a bus' clause.

          Comment

          Working...
          X