Solved

Directory Service Recovery Mode - local admin password missing

Posted on 2006-07-24
11
1,519 Views
Last Modified: 2008-01-09
Hi experts,

I inherited a domain controller for which a regular AD backup is being done. However, the DC's local admin password was not handed down.

It's a W2K3 DC.

Is there a way to set / check / go around ...?

I had been searching around and it seems rather hopeless. BTW it's the lone DC on the network. I don't want to face the day unprepared.

Many thanks

dtview
0
Comment
Question by:dtview
  • 2
  • 2
  • 2
  • +4
11 Comments
 
LVL 28

Assisted Solution

by:Michael Pfister
Michael Pfister earned 200 total points
ID: 17166240
Have you already tried setpwd? http://support.microsoft.com/kb/239803/en-us

Or this one? http://support.microsoft.com/kb/322672/en-us

Hope it helps,

Michael

0
 
LVL 88

Assisted Solution

by:rindi
rindi earned 40 total points
ID: 17166269
Have you tried it without a password? Often this password isn't defined during the installation and you can just press enter. Otherwise get a copy of the UBCD which includes an offline password resetter, maybe that also works for the recovery mode PW.

http://ultimatebootcd.com
0
 
LVL 7

Assisted Solution

by:nttranbao
nttranbao earned 20 total points
ID: 17166283
use hiren boot CD to crack that password
www.9down.com, search for the CD iso
0
 
LVL 3

Assisted Solution

by:Tonie16
Tonie16 earned 20 total points
ID: 17166454
Hi There,

Here's some info about Hiren's Boot CD, very useful - http://homepage.ntlworld.com/hiren.thanki/bootcd.html

Use this program on the CD, Active Password Changer 3.0. It clears the password.
Worked for me !!

Here's the link for the ISO - http://www.verzend.be/v/9557211/Hiren_s.Boot_CD_8.2.ISO.rar.html

Cheers,
0
 
LVL 22

Assisted Solution

by:pjedmond
pjedmond earned 20 total points
ID: 17166610
http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm

Links at the bottom of the page to get around most other windows 2003 password recovery situations, *unless* you have an encrypted File System....then things become a little more interesting;)

(   (()
(`-' _\
 ''  ''

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 88

Assisted Solution

by:rindi
rindi earned 40 total points
ID: 17166622
I'd be carefull about hiren's CD, some of the software titles on it are commercial products which normally you have to buy. That could mean it is pirated which wouldn't be in accordance to the rules on this site.

The software titles on the UBCD on the other hand are either all free, or at least shareware, so there you wouldn't be pirating...
0
 
LVL 16

Accepted Solution

by:
Nyaema earned 200 total points
ID: 17167991
To Reset the Directory Services Recovery mode password

start->run

ntdsutil

ntdsutil: set dsrm password
Reset DSRM Administrator Password: reset password on server server_name
Please type the password for DS Restore Mode Administrator account: password
Please confirm new password: password


where server_machine is the name/ip of your server
and password is the new password you want to set
0
 

Author Comment

by:dtview
ID: 17182619
Gee thanks, I will work them out in a lab environment first. Will revert.

dtview
0
 

Author Comment

by:dtview
ID: 17354385
Thanks to all who contributed and apologies for the dealy ... to be frank I have yet to find a chance to try them out in my lab. I'd love to assign more points to each one though it seems 500 points is the most I am allowed to offer in total.

mpfister and Nyaema - thanks for your solutions. Unfortunately I can't assign more than 1 accepted answer. It's good of mpfister to give the kb number.

I gave 20 points each for the rest, because I don't have that many points left to spare and as rindi said, anything close to pirating may not be desirable. Of course when desperate I wouldn't be that picky (knock wood)

dtview
0
 
LVL 16

Expert Comment

by:Nyaema
ID: 17362519
Thank you too dtview. =)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Often we come across situations wherein our batch files would be needing to reboot Windows for a variety of reasons. A few of them would be like: (1) Setup files have been updated whose changes can take effect only after a reboot …
As the title indicates, I have done this before. It chills me everytime I update the OS on my phone, (http://www.experts-exchange.com/articles/18084/Upgrading-to-Android-5-0-Lollipop.html) because one time I did this and I essentially had a bricked …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now