Solved

win 2003 server password gone/changed

Posted on 2011-02-20
9
738 Views
Last Modified: 2012-05-11
some background; small classroom domain.  had one server with pw xxx, which was the admin domain pw.  some time ago I added another server, and changed  the domain pw to xxx* (added a character).   the first server has always worked fine, til today.  The second has had problems, which I had been working on.   both active directory, dns, and I wanted them to both be DC, with goal of moving all to the new server.  In AD they are both listed as DC, ping to FQDN was good, dns showed both, etc.  But errors were that active directory wasn't available on the second server.  
So I was looking into tools like dcdiag, and came to adsiedit.  I saw some  IP entries on server 2 which were first attempts when setting  up, and were now incorrect so I delteted them.  I compared settings between the two servers and basically made all the same.  No joy, so with a headache I left last night while server1 ran updates and rebooted.
Now, I cannot login to server1 at all.  I can login to server2, but only with the Old pw from a year ago.  ???
And, student profiles do not load, which are on server1.
I did nothing to change any passwords, to my knowledge.
I need help, very quickly.   PM's???  

edit; server1 is installed on an older hp desktop, not an actual server machine.  So bios is not a server bios; don't know if that helps.  One of the reasons I wanted to change things.  If it matters  it's an easy thing to take the hd out and slave it,  so program paths and profiles can be seen and copied if need be.  But it's a license server also and I need those to run.
0
Comment
Question by:JerryC101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 34939870
Have you tried the Offline NT password and registry tool?


http://www.pogostick.net/~pnh/ntpasswd/
0
 

Author Comment

by:JerryC101
ID: 34939902
No; looks interesting.  
I was just going to edit again but  now can't, so followup;
I've used in a working AD lab, in a command line, ''net user <userxxx> *' and it asks for a pw, then enter again and it changes for the domain with no other effects.  I was thinking of trying that,, but don't want to make things worse.   What do you think?
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 34939918
Which ever way that you are allowed to change the password is what I would go with. Offline NT allows you to boot into a dos environment and either "Blank" the password or change it. Blanking it is more successful.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:JerryC101
ID: 34940009
Going to try the one above shortly; will let you know.  
On that page there is a liink to jms etc that's for AD pw; the anti-v won't let me go there, says the link is a threat.  Do you have any comments?  I can disable the anti-v if it's a valid site.
0
 

Author Comment

by:JerryC101
ID: 34940013
AD=Active Directory
0
 

Author Comment

by:JerryC101
ID: 34940176
I just got back to that lab and tried logging in to 'old' server1, using any pw I could recall and other admin user also.  Fail.  I logged in to the 'new' server2 using its long out of date pw, and ran the cmd line as noted above. I gave it the pw that had been the correct one til today.  It sat there a bit, a much longer bit than any earlier time I have done this, and then said 'command completed successfully'.    I then was able to login to server1.   Yay!
Now to see if anything else works.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 34940177
Not sure where you're getting "Jms" from, but yes anti-viruses do flag this because of what it does(reset passwords)

0
 

Author Comment

by:JerryC101
ID: 34940265
Under 'other places to go' on that site, it's jms1.net.  Oddly, on this computer I can get to it; on the earlier computer in another room but running the same anti-v, it gave the warning.

Well; now I can login to each server, and RDC also.  But the students cannot login; the comps cannot see the domain.  I am now getting the dns error msg on server1 that I had been trying to troubleshoot on server2, when it was not running AD.  
There are no forward or reverse zones, and I cannot create them on either server.  'Zone cannot be replicated.... the application directory partition does not exist.  Only Enterprise Admins (which I am) have permissions... etc.  Google shows that others have had this; I have not seen any fixes.  Some seem to have re-done dns completely but they did not post back, so I am not sure.  
At this point, should I start a new thread, as the issue is quite different?
Thanks for your help so far.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 34940283
Yes, starting another thread will also generate more users looking at it.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Here's a look at newsworthy articles and community happenings during the last month.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question