Customer changed domain admin password on Windows 2008 Domanin Controller and forgot the new password.

This is a small business with one domain controller and 20 workstations.  The domain controller is being backed up by an offsite backup service.  System State and Active Directory are being backed up. The offsite backup service says that there are versions of System State and AD prior to the admin password change.  The offsite backup service says that the System State and AD can be restored (which has the old password) if customer can connect to the offsite server.

The restore has to be done over the Internet by connecting to the offsite backup service (AES256 encryption) and restoring System State and AD from the backup server.  System State and AD can only be restored to its original location while in restore mode.

We rebooted the domain controller into Directory Services restore mode and logged in as a local admiin.  Only problem is we cannot connect to the Internet now.  DNS and other services are shut down when in Directory Services restore mode (safe mode).  All 20 workstations can no longer connect to the Internet.

We tried to restart DNS service to no avail.

While in Directory Services restore mode I looked at the properties of the network adapter and saw that the DNS address had been changed to the loopback address (127.0.0.1).  I reset it first to the DNS server address but that did not work since the DNS service was not running.  I then changed it to an outside DNS address  but that did not work either.

Customer's firewall is managed by ISP and I do not have access to it.

If I could figure out how to connect the Domain Controller to the offsite backup server via the Internet I could restore the old pasword.

I don't know what to do and will greatly appreciate your help.

jepper2020Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
If you can logon in DSRM mode, then there's no need to restore the AD from an earlier version. You can use the DSRM to reset the domain admin password.
The procedure is described here (note the comment "Update: After some reader feedback I'm pleased to say that this procedure ALSO WORKS for Windows Server 2008 Domain Controllers. Feel free to send in your feedback. I kept the original page syntax in relation to Windows Server 2003, but you can now perform the same actions on Windows Server 2008."):
Forgot the Administrator’s Password? – Change Domain Admin Password in Windows Server 2003 AD
http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm
0
jepper2020Author Commented:
Thanks.  It will be next week before I can try this.  Looks like cost is around $50 but that is no big deal if it works.  I will let you know.
0
oBdACommented:
Since you are able to logon to DSRM, you do NOT need any of the tools to reset the "local" (DSRM) admin password; you can start directly at "Requirements". The rest of the procedure is based on existing/free tools.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

jepper2020Author Commented:
Thanks for the repley but I do not need to reset the local admin password.  I need to reset the Domain Admin password.
0
oBdACommented:
Yes, and the procedure is described in the link above, but there are no "costs around 50$" involved for this.
0
jepper2020Author Commented:
Thanks for your help
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Operating Systems

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.