Domain Controller Password is Lost...

Hi friends !

Before five days,  I implemented Domain and my Root Domain Controller named RDC.xxx.ac.rw. The Operating System is Windows Server 2003 Enterprise Edition. I created some Domain User Accounts and Domain Computer Accounts.

There is no Additional Domain Controller (ADC) and I didn't give Domain Administrators/Schema Administrators/Enterprise Administrators group membership to any other user. The only user who has membership in these three groups is Administrator@xxx.ac.rw which is by default. The backup is three days old and after that backup, I created some more Domain User and Domain Computer Accounts.

Now, the problem is that, all the IT Professionals know this password and someone changed it and now I don't know who has done it. Now I am not able to logon to domain and even I can't add more Users and Computers to domain.

I know it is a big mistake to give this password to all IT Professionals. It is always not fair to trust all. Even If I had created an another user with Enterprise Administrator Rights, I had overcome with this problem. But I missed to do it.

Is there any solution to recover that password or as I am assuming, I will have to do my work from scretch. Because if I use my backup, it is three days old.

If you have faced the same problem or if you have any solution in this regard, please help me.

Regards,

Hemant
JatinHemantAsked:
Who is Participating?
 
michkoCommented:
You can give the method here a try.  I haven't (had) to use it myself, but I know their reset procedures for local pc administrator work:
http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm
0
 
michkoCommented:
@abraham808 - No need for duplicate suggestions.  You posted the exact same link as given in my post.  
0
 
abraham808Commented:
yeah thanks.  i was looking for an answer, and you posted before I did.

But back to the real problem.  

Hemant,

Can you create a new user?  Place it in Domain Admins?  I'm not sure if you can.  But try that.

You should never use the default Administrator Account.  You should rename it and put the password in a sealed envelope. It should only be opened in case of emergency (like this).

 You should create an account for yourself (if you are an administrator) and place that account in Domain Admins.  

Hope that helps.

0
 
JatinHemantAuthor Commented:
Thanks for your comments...

Well...in my case, I have not created any other user or an user account for myself as domain administrator. But I will take precaution in future.

For now, I restored the ADBackup and now it is OK. Though I have lost some new changes but it's Ok as I managed to get Winternal's ERD Commander CD but it was too late.

And thanks for the links provided by you. I have read them but not completely. But I will soon apply them on test machines.

Regards,

Hemant

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.