[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1498
  • Last Modified:

How to reset Windows Server 2003 Active Directory Restore Mode password?

Cannot login to Active Directory Restore Mode as the password is not available with us. Please note that I cannot login into Normal Mode as well as Safe Mode also as the following message is appearing :

"Security Accounts Manager initialization failed because of the following error : Directory Server cannot start. Error Status : 0xc00002e1. Please click OK to shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information."

After clicking on the OK button the machine restarts.
0
hchabria
Asked:
hchabria
  • 4
  • 3
  • 2
  • +2
1 Solution
 
Milan_OjhCommented:
Then try also: http://www.ubcd4win.com/
and: http://www.hiren.info/pages/bootcd

Is this the only DC in your network?
Does it hold any of the FSMO roles?
Which other roles run on this server?

It might be easier to reformat, perform metadata cleanup and run dcpromo again?
0
 
hchabriaAuthor Commented:
Yes, this is the only DC and it holds all FSMO roles. The ultimate solution is to reformat the DC and I have also System State backup in place, but if I resotre the System State backup will everything work fine?

Please suggest me the exact tool name that will reset the Active Directory Restore Mode password.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
haldoxpCommented:
Create some backup before reinstall (e.g. ghost). Last time System State backup was not working for me very well. So just to be sure you can return to previous state and try something else.
0
 
hchabriaAuthor Commented:
Hi Milan_Ojh,

Thank you for sending the windowsitpro link. But all will work if I can log into the system, which is not hyappening at all.
0
 
Milan_OjhCommented:
0
 
haldoxpCommented:
you can try also Microsoft Diagnostics and Recovery Toolset. This is based on Winternals ERD Commander.

http://www.microsoft.com/downloads/details.aspx?familyid=5D600369-0554-4595-8AB4-C34B2860E087&displaylang=en


Or download ERD commander. Most probably you will be able to try some steps from MS KB for your error.
0
 
meugenCommented:
have you used EFS to encrypt NTDS.DIT database or the folder which contains it?
0
 
Milan_OjhCommented:
if I can log into the system, which is not hyappening at all.

Can you pls brief it that what the message r u getting.

So i can make comment according to that

thanx



0
 
meugenCommented:
or you can use http://home.eunet.no/pnordahl/ntpasswd/, which is a boot disk based on Linux kernel.
0
 
Tiarna101Commented:
Just a thought, are you able to boot from a Windows disk into the recovery console?  If so, maybe you can run this to reset the directory restore password (btw, I think this password is set as the password you used when you initially installed Windows on the system):
http://support.microsoft.com/kb/322672

Once that's done maybe try this to recover AD:
http://www.derkeiler.com/Newsgroups/microsoft.public.win2000.security/2004-05/0100.html
0
 
hchabriaAuthor Commented:
Hi Milan_Ojh

I am getting following error message when DC starts:

"Security Accounts Manager initialization failed because of the following error : Directory Server cannot start. Error Status : 0xc00002e1. Please click OK to shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information."

Once I click on the OK button, the machine restarts.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 4
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now