Solved

Directory Service Recovery Mode - local admin password missing

Posted on 2006-07-24
11
1,508 Views
Last Modified: 2008-01-09
Hi experts,

I inherited a domain controller for which a regular AD backup is being done. However, the DC's local admin password was not handed down.

It's a W2K3 DC.

Is there a way to set / check / go around ...?

I had been searching around and it seems rather hopeless. BTW it's the lone DC on the network. I don't want to face the day unprepared.

Many thanks

dtview
0
Comment
Question by:dtview
  • 2
  • 2
  • 2
  • +4
11 Comments
 
LVL 28

Assisted Solution

by:Michael Pfister
Michael Pfister earned 200 total points
ID: 17166240
Have you already tried setpwd? http://support.microsoft.com/kb/239803/en-us

Or this one? http://support.microsoft.com/kb/322672/en-us

Hope it helps,

Michael

0
 
LVL 87

Assisted Solution

by:rindi
rindi earned 40 total points
ID: 17166269
Have you tried it without a password? Often this password isn't defined during the installation and you can just press enter. Otherwise get a copy of the UBCD which includes an offline password resetter, maybe that also works for the recovery mode PW.

http://ultimatebootcd.com
0
 
LVL 7

Assisted Solution

by:nttranbao
nttranbao earned 20 total points
ID: 17166283
use hiren boot CD to crack that password
www.9down.com, search for the CD iso
0
 
LVL 3

Assisted Solution

by:Tonie16
Tonie16 earned 20 total points
ID: 17166454
Hi There,

Here's some info about Hiren's Boot CD, very useful - http://homepage.ntlworld.com/hiren.thanki/bootcd.html

Use this program on the CD, Active Password Changer 3.0. It clears the password.
Worked for me !!

Here's the link for the ISO - http://www.verzend.be/v/9557211/Hiren_s.Boot_CD_8.2.ISO.rar.html

Cheers,
0
 
LVL 22

Assisted Solution

by:pjedmond
pjedmond earned 20 total points
ID: 17166610
http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm

Links at the bottom of the page to get around most other windows 2003 password recovery situations, *unless* you have an encrypted File System....then things become a little more interesting;)

(   (()
(`-' _\
 ''  ''

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 87

Assisted Solution

by:rindi
rindi earned 40 total points
ID: 17166622
I'd be carefull about hiren's CD, some of the software titles on it are commercial products which normally you have to buy. That could mean it is pirated which wouldn't be in accordance to the rules on this site.

The software titles on the UBCD on the other hand are either all free, or at least shareware, so there you wouldn't be pirating...
0
 
LVL 16

Accepted Solution

by:
Nyaema earned 200 total points
ID: 17167991
To Reset the Directory Services Recovery mode password

start->run

ntdsutil

ntdsutil: set dsrm password
Reset DSRM Administrator Password: reset password on server server_name
Please type the password for DS Restore Mode Administrator account: password
Please confirm new password: password


where server_machine is the name/ip of your server
and password is the new password you want to set
0
 

Author Comment

by:dtview
ID: 17182619
Gee thanks, I will work them out in a lab environment first. Will revert.

dtview
0
 

Author Comment

by:dtview
ID: 17354385
Thanks to all who contributed and apologies for the dealy ... to be frank I have yet to find a chance to try them out in my lab. I'd love to assign more points to each one though it seems 500 points is the most I am allowed to offer in total.

mpfister and Nyaema - thanks for your solutions. Unfortunately I can't assign more than 1 accepted answer. It's good of mpfister to give the kb number.

I gave 20 points each for the rest, because I don't have that many points left to spare and as rindi said, anything close to pirating may not be desirable. Of course when desperate I wouldn't be that picky (knock wood)

dtview
0
 
LVL 16

Expert Comment

by:Nyaema
ID: 17362519
Thank you too dtview. =)
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Occasionally Windows/Microsoft Updates will fail to update. We have found a code that will delete all temporary files and re-register all dll's related to Windows/Microsoft Updates! This works 99% of the time to get the updates working again! The…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now