No announcement yet.

2003 Server AD admin password reset

  • Filter
  • Time
  • Show
Clear All
new posts

  • 2003 Server AD admin password reset

    I have been able to reset NT and 2000 AD admin passwords using the references here on this site. But those techniques do not work for 2003 server. I was wondering if anyone has any insite on this?

  • #2
    Recovering lost W2k3 Domain Admin passwords

    I've found the same problem.

    In WinNT4 and Win2k it was possible to recover from lost or maliciously changed Domain Admin passwords using these methods:

    It appears, at least in my testing, that the methods described in the above links no longer work in W2k3. In my testing I've found the the cmd shell that you get in W2k3 when you perform the registry change which modifies the default screensaver to cmd.exe runs in the context of the "LOCAL SERVICE" account. In previous versions of NT4/2000 the screensaver (the cmd.exe shell) would run as the SYSTEM account.

    The "LOCAL SERVICE" account doesn't have the necessary permissions to use the described techniques to change the Domain Admins password (I used the default Administrator account in my testing).

    I'm still trying to figure out a way of getting around this (and I have a few others looking into it as well).

    Has anyone succeded in doing this in W2k3?