• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 740
  • Last Modified:

Temporarly get around Windows 2003 Enterprise x64 activation or get data out of VMDK file to export AD, DNS, DHCP out of the VM Image.......

I'm not trying to steal anything...  Here's my situation...  I am doing some consulting for this company...  They fired their Jack-A$$ IT Manager after this fiasco and called me in to help fix it...

Here's the layout...

1 Physical Host (Dell Server)  Running VMware ESXi 4.0
1 Installation of "Windows 2003 Enterprise x64" VM
     - Which is the Only Domain Controller, DHCP, DNS, WINS, AD are all run from this VM
Other VMs installed on the box...

Now for the problem...  Something happen to the Server (Domain Controller, AD, DNS, DHCP, WINS)...  I don't know what...  But the guy decided to delete the VM from that DataStore...  The he went back and found some copy of the VM that he made a month or so ago...  (Thank G-d he at least made a backup)...

He restores the VM...  It prompts him to Activate Windblows over the internet...  Viola things are back up and running...  Then he has to go and screw with things again and he phucks up the Server again...  So, back to your trusty backup right...  Well it asked him to Activate Winblows again...  This time he is told that he can't do it and he has to call Mickeysoft...  Now the fun begins...

From my research I have found:

The installation of the VM was done from either an OEM or Retail disk (Didn't know that they made retail copies of Win2k3 x64, but you learn something new every day)

The companies AD/Exchange/SharePoint have been down now for 3 days because they cannot activate this copy of Windows on the Domain Controller...  

I have had 6 people tear apart the office and everyplace that they can think of around the office here and we have been unable to come up with any retail or OEM disk...

The company owns a Volume Licenses for Server 2k3x64 but for some reason Jack-A$$ referred above used some other sort of media and key?

So, in conclusion...  The companies Only Domain Controller with all the security info for the 200 employees that work here, Groups, DHCP, DNS, WINS and who knows what else at this point...  Is stuck in a VM that I can't activate...

Microsoft has told them and me here numerous times as we have tried to work with them officially and since we don't know what product key he used or have the physical media they cannot generate a new product key for us...

I either need to get around the registration and boot the machine and export AD, DNS, DHCP, WINS, etc to a valid machine running on their Volume License Keys...


Figure out how to extract the VM to an NTFS partition and then figure out some home to export the data to a new machine...


Start their company from Scratch...  I'd hate to do this...

Any and all assistance would be excellent!!!  They've told everyone to pretty much stay home till they get this fixed....  

I'd give more point if I could...  I'll even open up multiple questions to get answers so everyone gets points for chipping in on this multi-tiered problem...  

HELP!!!! (lol)

  • 4
  • 2
  • 2
  • +4
1 Solution
You don't need the original product key if all it is asking for is activation.

When asking to activate the product, it asks, by internet or by phone.  

Choose by phone, then it will generate a huge code and display it on the screen.

Call microsoft, tell them you are restoring a server, give them the code from off the screen, then they will give you a valid activation code.


Alternatively, you could just edit another vm, and attach that hard disk as a secondary drive.

But I've activated a ton of VM's through microsoft phone support without needing the original product key
Daeta42Author Commented:
yeah, so have I...  but they are being screwy about this one...  Probably because it has  been activated 3 times in 2 days and then about 400 attempts by aforementioned Donkey...

If I attached it as a secondary drive to another VM...  How would I extract AD information from it and migrate to another DC?  DHCP, WINS too....???

Mike KlineCommented:
maybe slmgr -rearm --> but you can't even get in to try that
So if you can get to ntds.dit...then you could try someting like cb5 did
That is not easy and not common.  I'd try again to call and talk to managers and see if they can help you in any way
You are in a tough spot
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Like mkline said,  it might be possible to grab the needed files like Ntds.dit, Edb.chk, Edb*.log, Res1.log and Res2.log, but I feel like that is a real longshot.

I think if you work with microsoft and explain that this has all been on the same hardware(which it has, if it is only one ESXi server), that there should be no problem.  
That is your quickest, safest bet, anything else, is pretty slim.
I would also see if there is a systemstate backup somewhere that would have the AD on it and could be restored to a new VM if needed.

I hope this helps !
Daeta42Author Commented:
OMG...  Reading that was reminiscent of exactly where I am sitting right now...  I am trying to pull weight around with these people from India to get some assistance...  (Damned Microsoft Outsourcing!!!)  

Until then I am heading towards Mike's suggestion...  Now the question is how do I extract the data out of a VMDK file to an NTFS partition so I can get the data needed???

Hopefully we're getting somewhere...  (Least I am getting edumacated about something)

I would also see if there is a systemstate backup somewhere that would have the AD on it and could be restored to a new VM if needed.

May not have to go that far,...I thought (maybe I'm wrong, but..) a machine needing a re-activation would still run,...you just can't get into the Desktop.   So why not build a new VM (with the right disk this time) join it to the Domain and DC Promo it to a DC.  Set up the other services on it as needed.  Then shutdown the old one and do a Meta Data Cleanup to get rid of the old one since you can't get into the Desktop to DCPromo it out cleanly.
I haven't tried this process with a dc but member servers, this works on. And sunce its a vm, you could clone it and see if it works.  Anyway, If you have volume license media that is the same build, service pack, etc, you can run a repair and web it prompts for the key, enter your volume license key. VoilĂ , the server has been changed from oem to vlk. And since it's just a repair, it should Do any harm to the os. Like I said, I've never done this on a dc. Only member servers. But it worked on them.
You should be able to boot in safe mode (even if windows is not activated)

Then from here export all you AD, DNS, DHCP setting to a shared location or to your new
windows server virtual/physical machine.
Daeta42Author Commented:
Thank you!  The customer was very pleased when he was able to start seeing people come back to work again!!!

So what did you actually do?
Daeta42Author Commented:
Ok, quick run down...

1.  Followed CB5's directions and  got mailboxs out...  Created a new domain and a new Exchange server...  Attached the old Mailbox Database...  
2.  Used some Pearl scripts to import user/grou data into AD...  (Now I had a general Idea of how things were setup)
3.  Since there was only 1 DC;  I started to get errors at every turn w/ reference to the domain name or the computer name...  (The wanted them to be the same)
4.  So, I got all their user, group, Mailbox data...  HOURAY!!!!
5.  Started from scratch...  Went to network appliances, etc and got configs from them and started to piece back the puzzle...
6.  Added Secondary DC, DHCP, WINS, AD server  
7.  Imported user/group list
8.  Attached Mailboxes to the users.
9.  Just to be safe I had them all backup their stuff to a PST.  

Oh I forgot to mention that I made the buy me VSphere to get the job done faster...  And I worked on it for 38 hours straight...  

Such is the life of us IT Folks!

All the best!


Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

  • 4
  • 2
  • 2
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now