Temporarly get around Windows 2003 Enterprise x64 activation or get data out of VMDK file to export AD, DNS, DHCP out of the VM Image.......

Posted on 2010-08-27
Last Modified: 2012-05-10
I'm not trying to steal anything...  Here's my situation...  I am doing some consulting for this company...  They fired their Jack-A$$ IT Manager after this fiasco and called me in to help fix it...

Here's the layout...

1 Physical Host (Dell Server)  Running VMware ESXi 4.0
1 Installation of "Windows 2003 Enterprise x64" VM
     - Which is the Only Domain Controller, DHCP, DNS, WINS, AD are all run from this VM
Other VMs installed on the box...

Now for the problem...  Something happen to the Server (Domain Controller, AD, DNS, DHCP, WINS)...  I don't know what...  But the guy decided to delete the VM from that DataStore...  The he went back and found some copy of the VM that he made a month or so ago...  (Thank G-d he at least made a backup)...

He restores the VM...  It prompts him to Activate Windblows over the internet...  Viola things are back up and running...  Then he has to go and screw with things again and he phucks up the Server again...  So, back to your trusty backup right...  Well it asked him to Activate Winblows again...  This time he is told that he can't do it and he has to call Mickeysoft...  Now the fun begins...

From my research I have found:

The installation of the VM was done from either an OEM or Retail disk (Didn't know that they made retail copies of Win2k3 x64, but you learn something new every day)

The companies AD/Exchange/SharePoint have been down now for 3 days because they cannot activate this copy of Windows on the Domain Controller...  

I have had 6 people tear apart the office and everyplace that they can think of around the office here and we have been unable to come up with any retail or OEM disk...

The company owns a Volume Licenses for Server 2k3x64 but for some reason Jack-A$$ referred above used some other sort of media and key?

So, in conclusion...  The companies Only Domain Controller with all the security info for the 200 employees that work here, Groups, DHCP, DNS, WINS and who knows what else at this point...  Is stuck in a VM that I can't activate...

Microsoft has told them and me here numerous times as we have tried to work with them officially and since we don't know what product key he used or have the physical media they cannot generate a new product key for us...

I either need to get around the registration and boot the machine and export AD, DNS, DHCP, WINS, etc to a valid machine running on their Volume License Keys...


Figure out how to extract the VM to an NTFS partition and then figure out some home to export the data to a new machine...


Start their company from Scratch...  I'd hate to do this...

Any and all assistance would be excellent!!!  They've told everyone to pretty much stay home till they get this fixed....  

I'd give more point if I could...  I'll even open up multiple questions to get answers so everyone gets points for chipping in on this multi-tiered problem...  

HELP!!!! (lol)

Question by:Daeta42
  • 4
  • 2
  • 2
  • +4

Expert Comment

ID: 33546028
You don't need the original product key if all it is asking for is activation.

When asking to activate the product, it asks, by internet or by phone.  

Choose by phone, then it will generate a huge code and display it on the screen.

Call microsoft, tell them you are restoring a server, give them the code from off the screen, then they will give you a valid activation code.


Alternatively, you could just edit another vm, and attach that hard disk as a secondary drive.

But I've activated a ton of VM's through microsoft phone support without needing the original product key

Author Comment

ID: 33546090
yeah, so have I...  but they are being screwy about this one...  Probably because it has  been activated 3 times in 2 days and then about 400 attempts by aforementioned Donkey...

If I attached it as a secondary drive to another VM...  How would I extract AD information from it and migrate to another DC?  DHCP, WINS too....???

LVL 57

Accepted Solution

Mike Kline earned 500 total points
ID: 33546168
maybe slmgr -rearm --> but you can't even get in to try that
So if you can get to ntds.dit...then you could try someting like cb5 did
That is not easy and not common.  I'd try again to call and talk to managers and see if they can help you in any way
You are in a tough spot
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why


Expert Comment

ID: 33546392
Like mkline said,  it might be possible to grab the needed files like Ntds.dit, Edb.chk, Edb*.log, Res1.log and Res2.log, but I feel like that is a real longshot.

I think if you work with microsoft and explain that this has all been on the same hardware(which it has, if it is only one ESXi server), that there should be no problem.  
That is your quickest, safest bet, anything else, is pretty slim.
LVL 63

Expert Comment

ID: 33546407
I would also see if there is a systemstate backup somewhere that would have the AD on it and could be restored to a new VM if needed.

I hope this helps !

Author Comment

ID: 33546449
OMG...  Reading that was reminiscent of exactly where I am sitting right now...  I am trying to pull weight around with these people from India to get some assistance...  (Damned Microsoft Outsourcing!!!)  

Until then I am heading towards Mike's suggestion...  Now the question is how do I extract the data out of a VMDK file to an NTFS partition so I can get the data needed???

Hopefully we're getting somewhere...  (Least I am getting edumacated about something)

LVL 29

Expert Comment

ID: 33546725
I would also see if there is a systemstate backup somewhere that would have the AD on it and could be restored to a new VM if needed.

May not have to go that far,...I thought (maybe I'm wrong, but..) a machine needing a re-activation would still run, just can't get into the Desktop.   So why not build a new VM (with the right disk this time) join it to the Domain and DC Promo it to a DC.  Set up the other services on it as needed.  Then shutdown the old one and do a Meta Data Cleanup to get rid of the old one since you can't get into the Desktop to DCPromo it out cleanly.

Expert Comment

ID: 33549109
I haven't tried this process with a dc but member servers, this works on. And sunce its a vm, you could clone it and see if it works.  Anyway, If you have volume license media that is the same build, service pack, etc, you can run a repair and web it prompts for the key, enter your volume license key. Voilà, the server has been changed from oem to vlk. And since it's just a repair, it should Do any harm to the os. Like I said, I've never done this on a dc. Only member servers. But it worked on them.

Expert Comment

ID: 33551028
You should be able to boot in safe mode (even if windows is not activated)

Then from here export all you AD, DNS, DHCP setting to a shared location or to your new
windows server virtual/physical machine.

Author Closing Comment

ID: 33588763
Thank you!  The customer was very pleased when he was able to start seeing people come back to work again!!!

LVL 29

Expert Comment

ID: 33589119
So what did you actually do?

Author Comment

ID: 33590222
Ok, quick run down...

1.  Followed CB5's directions and  got mailboxs out...  Created a new domain and a new Exchange server...  Attached the old Mailbox Database...  
2.  Used some Pearl scripts to import user/grou data into AD...  (Now I had a general Idea of how things were setup)
3.  Since there was only 1 DC;  I started to get errors at every turn w/ reference to the domain name or the computer name...  (The wanted them to be the same)
4.  So, I got all their user, group, Mailbox data...  HOURAY!!!!
5.  Started from scratch...  Went to network appliances, etc and got configs from them and started to piece back the puzzle...
6.  Added Secondary DC, DHCP, WINS, AD server  
7.  Imported user/group list
8.  Attached Mailboxes to the users.
9.  Just to be safe I had them all backup their stuff to a PST.  

Oh I forgot to mention that I made the buy me VSphere to get the job done faster...  And I worked on it for 38 hours straight...  

Such is the life of us IT Folks!

All the best!


Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question