Solved

win 2003 server password gone/changed

Posted on 2011-02-20
9
733 Views
Last Modified: 2012-05-11
some background; small classroom domain.  had one server with pw xxx, which was the admin domain pw.  some time ago I added another server, and changed  the domain pw to xxx* (added a character).   the first server has always worked fine, til today.  The second has had problems, which I had been working on.   both active directory, dns, and I wanted them to both be DC, with goal of moving all to the new server.  In AD they are both listed as DC, ping to FQDN was good, dns showed both, etc.  But errors were that active directory wasn't available on the second server.  
So I was looking into tools like dcdiag, and came to adsiedit.  I saw some  IP entries on server 2 which were first attempts when setting  up, and were now incorrect so I delteted them.  I compared settings between the two servers and basically made all the same.  No joy, so with a headache I left last night while server1 ran updates and rebooted.
Now, I cannot login to server1 at all.  I can login to server2, but only with the Old pw from a year ago.  ???
And, student profiles do not load, which are on server1.
I did nothing to change any passwords, to my knowledge.
I need help, very quickly.   PM's???  

edit; server1 is installed on an older hp desktop, not an actual server machine.  So bios is not a server bios; don't know if that helps.  One of the reasons I wanted to change things.  If it matters  it's an easy thing to take the hd out and slave it,  so program paths and profiles can be seen and copied if need be.  But it's a license server also and I need those to run.
0
Comment
Question by:JerryC101
  • 5
  • 4
9 Comments
 
LVL 47

Expert Comment

by:dstewartjr
ID: 34939870
Have you tried the Offline NT password and registry tool?


http://www.pogostick.net/~pnh/ntpasswd/
0
 

Author Comment

by:JerryC101
ID: 34939902
No; looks interesting.  
I was just going to edit again but  now can't, so followup;
I've used in a working AD lab, in a command line, ''net user <userxxx> *' and it asks for a pw, then enter again and it changes for the domain with no other effects.  I was thinking of trying that,, but don't want to make things worse.   What do you think?
0
 
LVL 47

Accepted Solution

by:
dstewartjr earned 500 total points
ID: 34939918
Which ever way that you are allowed to change the password is what I would go with. Offline NT allows you to boot into a dos environment and either "Blank" the password or change it. Blanking it is more successful.
0
 

Author Comment

by:JerryC101
ID: 34940009
Going to try the one above shortly; will let you know.  
On that page there is a liink to jms etc that's for AD pw; the anti-v won't let me go there, says the link is a threat.  Do you have any comments?  I can disable the anti-v if it's a valid site.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Author Comment

by:JerryC101
ID: 34940013
AD=Active Directory
0
 

Author Comment

by:JerryC101
ID: 34940176
I just got back to that lab and tried logging in to 'old' server1, using any pw I could recall and other admin user also.  Fail.  I logged in to the 'new' server2 using its long out of date pw, and ran the cmd line as noted above. I gave it the pw that had been the correct one til today.  It sat there a bit, a much longer bit than any earlier time I have done this, and then said 'command completed successfully'.    I then was able to login to server1.   Yay!
Now to see if anything else works.
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 34940177
Not sure where you're getting "Jms" from, but yes anti-viruses do flag this because of what it does(reset passwords)

0
 

Author Comment

by:JerryC101
ID: 34940265
Under 'other places to go' on that site, it's jms1.net.  Oddly, on this computer I can get to it; on the earlier computer in another room but running the same anti-v, it gave the warning.

Well; now I can login to each server, and RDC also.  But the students cannot login; the comps cannot see the domain.  I am now getting the dns error msg on server1 that I had been trying to troubleshoot on server2, when it was not running AD.  
There are no forward or reverse zones, and I cannot create them on either server.  'Zone cannot be replicated.... the application directory partition does not exist.  Only Enterprise Admins (which I am) have permissions... etc.  Google shows that others have had this; I have not seen any fixes.  Some seem to have re-done dns completely but they did not post back, so I am not sure.  
At this point, should I start a new thread, as the issue is quite different?
Thanks for your help so far.
0
 
LVL 47

Expert Comment

by:dstewartjr
ID: 34940283
Yes, starting another thread will also generate more users looking at it.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Resolve DNS query failed errors for Exchange
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now