Solved

how do i reset the administrator password on win2k3 werver from windows rescue system?

Posted on 2009-05-06
2
625 Views
Last Modified: 2013-11-25
Our server was hacked and the administrator password reset. I access normally through RDK but now cannot et access. I can reboot the server via a web console and get in to windows rescue system mode, where i can get a command line interface and basic file browsing etc. I need to reset the admin passsword, i have already done the : net user administrator newpassword, which seemed successful but wouldn't let me in. Is it possible to reset or change the admin password via this method, if so what am I doing wrong? Failing this, is it possible to set up a new user and password using windows rescue system?
0
Comment
Question by:Bigimpact
2 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 24319328
You will need to use 3rd party tools. If it is not a domain controller:
There are several ways to reset the administrators password. A warning though if you have set up EFS (Encrypted File System) you will loose the administrators access certificate.
The following link lists the most popular options. The first requires a third party and the second is the most common method.
http://www.petri.co.il/forgot_administrator_password.htm  

Another option (my favorite) is to create a BartPE boot CD and add the Sala Windows Password Renew 1.1 plugin.
The Bart CD boots to a Windows environment from the CD and the Sala utility allows you to create a new admin account and password. With that, you could log in and edit the existing accounts. You can also reset the Administrators password with the Bart CD and Sala application though creating the new account is the safer method.
The basic Bart CD includes many useful utilities and there are hundreds of plugins/add-ons available on the internet. Best of all it is free.
Links to create the BartCD and obtain the Sala plugin are listed below. Though it takes a bit to create your first CD it is a very useful set of tools, to have handy in emergencies :
http://www.nu2.nu/pebuilder/
http://www.nu2.nu/bootcd/
http://sala.pri.ee/?page_id=9

Another easy option but not free is Passware which is very simple and works very well.
Windows workstation version
http://www.lostpassword.com/windows.htm
Server domain admin capable
http://www.lostpassword.com/windows-enterprise.htm

--------------------------------
If it is a domain controller:
Though I have never had the misfortune to have to try it, the following link is probably the best known method to reset the domain admin password. I have read several posts in the past saying it does work on Server 2003, as well as SBS 2003, and Daniel Petri says it should work on 2008 as well. Having said that, I cannot make any guarantees, you are on your own. As a caution; I have had some Linux password changing disks corrupt the administrator account, fortunately in a test environment, but never heard of that with Petter Nordahl-Hagen's disk (see articles), so follow the steps carefully. Make sure you have a complete backup before doing any "tinkering".

The following link outlines the procedure:
http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm
Some folks have found it confusing as the first step is to reset the local account admin password, and of course on a DC there is no local admin. Apparently using the reset local password disk resets the local account to allow you to access the AD restore mode (note: choose "no password" option), and then proceed with the Domain account changes as in the link provided earlier. In the link above there is a tiny hyperlink to the following site:
http://www.jms1.net/nt-unlock.shtml
This is where the domain account procedure originates. Though it is the same, it explains in a little more detail. ( note: you cannot access this page with Internet Explorer you need a different browser such as FireFox or Opera  http://www.mozilla.com/en-US/firefox/ )
Please read the nt-unlock.shtml page in its entirety, and the link on that page for server 2003, as the procedure is a little different.

I am sorry I have not tried this and cannot provide details, but perhaps it will be of some help.
0

Featured Post

Free book by J.Peter Bruzzese, Microsoft MVP

Are you using Office 365? Trying to set up email signatures but you’re struggling with transport rules and connectors? Let renowned Microsoft MVP J.Peter Bruzzese show you how in this exclusive e-book on Office 365 email signatures. Better yet, it’s free!

Join & Write a Comment

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now