Solved

how do i reset the administrator password on win2k3 werver from windows rescue system?

Posted on 2009-05-06
2
632 Views
Last Modified: 2013-11-25
Our server was hacked and the administrator password reset. I access normally through RDK but now cannot et access. I can reboot the server via a web console and get in to windows rescue system mode, where i can get a command line interface and basic file browsing etc. I need to reset the admin passsword, i have already done the : net user administrator newpassword, which seemed successful but wouldn't let me in. Is it possible to reset or change the admin password via this method, if so what am I doing wrong? Failing this, is it possible to set up a new user and password using windows rescue system?
0
Comment
Question by:Bigimpact
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 24319328
You will need to use 3rd party tools. If it is not a domain controller:
There are several ways to reset the administrators password. A warning though if you have set up EFS (Encrypted File System) you will loose the administrators access certificate.
The following link lists the most popular options. The first requires a third party and the second is the most common method.
http://www.petri.co.il/forgot_administrator_password.htm 

Another option (my favorite) is to create a BartPE boot CD and add the Sala Windows Password Renew 1.1 plugin.
The Bart CD boots to a Windows environment from the CD and the Sala utility allows you to create a new admin account and password. With that, you could log in and edit the existing accounts. You can also reset the Administrators password with the Bart CD and Sala application though creating the new account is the safer method.
The basic Bart CD includes many useful utilities and there are hundreds of plugins/add-ons available on the internet. Best of all it is free.
Links to create the BartCD and obtain the Sala plugin are listed below. Though it takes a bit to create your first CD it is a very useful set of tools, to have handy in emergencies :
http://www.nu2.nu/pebuilder/
http://www.nu2.nu/bootcd/
http://sala.pri.ee/?page_id=9

Another easy option but not free is Passware which is very simple and works very well.
Windows workstation version
http://www.lostpassword.com/windows.htm
Server domain admin capable
http://www.lostpassword.com/windows-enterprise.htm

--------------------------------
If it is a domain controller:
Though I have never had the misfortune to have to try it, the following link is probably the best known method to reset the domain admin password. I have read several posts in the past saying it does work on Server 2003, as well as SBS 2003, and Daniel Petri says it should work on 2008 as well. Having said that, I cannot make any guarantees, you are on your own. As a caution; I have had some Linux password changing disks corrupt the administrator account, fortunately in a test environment, but never heard of that with Petter Nordahl-Hagen's disk (see articles), so follow the steps carefully. Make sure you have a complete backup before doing any "tinkering".

The following link outlines the procedure:
http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm
Some folks have found it confusing as the first step is to reset the local account admin password, and of course on a DC there is no local admin. Apparently using the reset local password disk resets the local account to allow you to access the AD restore mode (note: choose "no password" option), and then proceed with the Domain account changes as in the link provided earlier. In the link above there is a tiny hyperlink to the following site:
http://www.jms1.net/nt-unlock.shtml
This is where the domain account procedure originates. Though it is the same, it explains in a little more detail. ( note: you cannot access this page with Internet Explorer you need a different browser such as FireFox or Opera  http://www.mozilla.com/en-US/firefox/ )
Please read the nt-unlock.shtml page in its entirety, and the link on that page for server 2003, as the procedure is a little different.

I am sorry I have not tried this and cannot provide details, but perhaps it will be of some help.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Progress

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question