Password Recovery - Need some Advice
Posted on 2005-04-14
I run a small network support company and have run into quite a snafu. I am familiar with the procedures for resetting password via the bootable linux distros, and familiar with LC5 and have the program. I am a SSCP, MCSE, CCSA, and am very familiar with netowrking. Just need a little help from the strong AntiOnline community to help me in the endevor. I will post my success and failures after tomorrow to give props to those who helped :-) My problems is this.
My new client terminated their network administrator yesterday (hence why they are my new client). The network admin left a few passwords but none of them actually work. I am now faced with about 20 client machines and 3-4 servers.
2 servers are Windows 2000 server
1 server is NT4.
25 mixed XP, 98, 2000, (with local accounts created for the users, which are part of the admin group on the local machine, i know, as I said the old admin was not to skilled)
The environment is one large workgroup...I dont know why it wasent set up as a domain, but that may be part of the reason the old admin is gone, lack of skills.
I have no true idea of what is on each server, and need to gain access to the admin account. I know I can reset the admin password with a bootable linux disk, or obtain the SAM and crack it offline possibly with LC5.
But, I need to ensure that there is very little disruption to the network, mapped drives, possible services that are running under the administrator account credentials.
Can anyone provide any input or helpfull ideas.
Basicly I need to regain control of the entire network, and start mapping it so I know its entire layout. ROOT is KEY!!!!
I was thinking of starting with a Languard scan to enumerate all accounts on the servers to see if there is other accounts that may be easier to access with admin privilages, which will allow me to reset the main admin account. THis will also let me know what share I may be dealing with.
Anyway, any ideas to make my life easier tomorrow??