No announcement yet.

Disabled Ad Admin Account

  • Filter
  • Time
  • Show
Clear All
new posts

  • Disabled Ad Admin Account

    I got a call last week about an SBS 2003 AD admin account being locked out.
    Some one who should not have been on the server changed the account name, and disabled all kinds of stuff and backdoor accounts too on accident and then "threw away the key" by disabling the admin account while still logged in as that admin.

    I was able to reset the local admin account and discover the whole story from there and scanning the box for accounts that could be used to get in. But nothing I have read so far can enable any of these accounts. I need to know if there is a way. At minimum I need another admin account created on the server. The latest updates have been added and the policy does not permit logins other than admins AT the server. Can I import a security template via a local admin account for the domain that would allow access at the server for non admin accounts?


  • #2
    Re: Disabled Ad Admin Account

    Do you have access to the server as an admin using TS or the Remote Web Workplace using <FQDN>/remote? Perhaps you can get back in that way! Otherwise you need a serious Hack.

    Steven Teiger [SBS-MVP(2003-2009)]
    Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

    We donít stop playing because we grow old, we grow old because we stop playing.