SBS 2003 server, R2 I believe, last week the HDD got completely full - 0 bytes available space (Symantec Enterprise Protection old virus def files).

When trying to fix that problem, it would not accept my normal Admin login - said it "could not load user profile" I think?  I finally got in, but it said it was creating a new profile (or something to that effect), and it did look like a new user desktop - some of my icons were gone.

I also now see two user folders with my name - one just "Clay" which I think is my original one, and one "Clay.GCF.Local.000" which I suspect is the new one that got created?

I was able to delete the Symantec files & now have about 10g free space on the C drive.  

Other users (workstations) have had no problems running their apps and accessing server data (which is on D drive, not C), but yesterday on MY workstation I noticed the domain tree under Network in Win Explorer was missing - it just wasn't there.  Thinking it was something awry on my workstation, I removed myself from the domain & joined a workgroup in the hopes that subsequently rejoining the domain would resolve the issue.

It didn't - now I can't rejoin the domain at all - says my credentials are not recognized.

That's when I went to the server, and cannot login with either of the two Admin accounts I had (Clay and Administrator) - both just say "System cannot log you on"... credentials not recognized.

I can logon with a non-admin user I have called Manager, but of course I can't get to any management settings.

May or may not be related, but same time these issues appeared, the logon dialog box looks weird - name, password, and domain input fields are a darker color, can't read their contents unless select whatever is in them with the mouse.  Strange.

I've done a restart of course - and also a complete shutdown - no change.

I have limited system backups, but I do have some.  Three days worth made with the internal backup utility, not sure if that's gonna get me back far enough (before the disk full issue) - I don't think it will.

(If it sounds like I'm a little scattered here.... my first grandchild was born Saturday night... the last few days have been a whirlwind and I haven't had much sleep!).

When I loaded the backups yesterday to see what I had, I saw the ones from last 3 days and also some much older ones - about a year old - that are not in the folder I have backups aimed at now, not sure where they are on the disk but if the b/u utility sees them they should be there somewhere, right?

Haven't tried restoring the System State from one yet, that was my thought but want help from you guys first.

DISCLAIMER: I am not a "real tech guy" - no formal training, just many long nights sitting in front of a screen and throwing darts, but I am pretty decent at it, basically have been my own IT guy for the last 15 years, so I'm quite comfortable "under the hood", but not a true "expert".

Any and all thoughts appreciated - PLEASE HELP!!!!

Who is Participating?
cricketmanConnect With a Mentor Author Commented:
Finally got the issue resolved.

I VERY MUCH appreciate all the advice you experts gave me, but in the end, no suggestions I received proved to be the actual solution.

I called a local tech company, their technician spent 11.5 hours here last Friday night, and finally got things resolved.  Thinking Dana Epp's method would do the trick he tried that (I had already tried it with no joy), but it didn't work for him either.  In the end, he used the Pteri method that I referenced in a previous comment of running a script that set the domain admin pw at boot up, and THAT finally got us in.

What we discovered was VIRUS - LOTS of virus infected files.  When we got Symantec Endpoint Protection reinstalled (something - the virus we assume - had completely removed SEP from the machine!) it presented as a variant of the Wapomi! virus.  And it was quite effective.  Scans on the server found literally thousands of infected files.

The good news is that the files were easily cleaned, and I really didn't lose any data, just the $1,000+ the tech guy cost me!

THANKS to all who helped.  I will award some points to comments that proved to be helpful in at least keeping me pointed in the right direction even if they didn't actually present the final solution.

Thanks again!!

Lee W, MVPConnect With a Mentor Technology and Business Process AdvisorCommented:
See MVP Dana Epp's series at Scorpion Software on cracking the admin password.  It's FRIGHTENINGLY EASY to reset your server's domain admin password and should take 5 minutes or so.  NOTE: This is why PHYSICAL SECURITY is JUST AS IMPORTANT as a strong password.

It's video 105 on the playlist.
cricketmanAuthor Commented:
Thanks for the quick reply!

WOW.... kind of scary that it could be that easy, and you're right - it highlights why physical security is important!

I will try this tonight (I'm going to stay out & let my office gals do their regular work today).

Meanwhile... any other ideas from anyone else are appreciated, would like to have multiple tools in my bag when I tackle this tonight!!


Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Jaroslav LatalMSPCommented:
Hello cricketman,

I monitor this post and wish you good luck!

Try to remember local administrator (Directory Services Restore Mode password) and restore AD:

cricketmanAuthor Commented:
Not having any luck.

Cannot get the server to boot from the SBS 2003 CD.  I have TWO CD's... one is a Microsoft, the other a Dell, neither will boot.  Tried w/o initiating the boot menu with F11 and it just flies right by and boots from the HDD, also tried  initiating the boot menu with F11 and then choosing CD drive from the list to boot from, but system still boots from the HDD.

Went into SETUP, the CD drive is listed first in boot order (HDD 2nd, Dell RD 1000 removable drive 3rd).

In researching today, came across references to Powersuite Utilities by SPOTMAU, purchased it, DID get machine to boot from that CD.  Ran their password reset utility (which is supposed to  work for all versions of Windows 2003)... it APPEARED to work (said it completed successfully), restarted machine, no dice - still cannot login as Administrator.

Perhaps important?... the SPOTMAU utility only saw 2 users to let me pick from to reset  password - Administrator, and Guest.  Did not show the user "Manager" that IS still active - I CAN login as Manager, but that user doesn't have admin privileges so I can't do much.

Is there a way to give Manager admin privs so I can use it to create another new user for myself?

Will have to let my office gals do their work tomorrow, so won't be  able to try more things till tomorrow night.

Any other ideas?

Any thoughts on why it won't boot from either SBS 2003 CD?

Lee W, MVPTechnology and Business Process AdvisorCommented:
Do not boot from the 2003 CD - it probably doesn't have drivers installed to see the drive.  Boot from a Windows 7 or Vista or Windows 8 or 2008 DVD.  Or create a flash drive.  I don't know where you got your 2003 CD... or how it might have been burned.
Jaroslav LatalMSPCommented:
Before OS boots, press F8 and choose active directory restore mode. You will be asked for local administrator password. Than you will be able to restore AD.

Gary ColtharpConnect With a Mentor Sr. Systems EngineerCommented:
The password reset utility will not work because this is a domain controller. Those utilities just change/reset passwords in the hive file. The accounts you are having difficulty with are in active directory.
cricketmanConnect With a Mentor Author Commented:
My two SBS 2003 CD's are an original Microsoft and an OEM one from Dell.  Both say SBS 2003 R2.

I do have couple Windows 7 64 bit disks, can try to boot from them - and you mean just to try Epp's password reset trick, right?

If that trick is just for the local admin password and not the AD domain admin pw, I assume it really won't help me either though (but will prob still try since it seems "less invasive").

I found an AD Domain pw change method here:


... may try that tomorrow after office closes.

Hoping to avoid the AD restore since I really think the bkf files I have with system state don't go back far enough to get me "before" this problem.  But will try anyway if PW reset thing doesn't work.

Absolute last resort will be to blow all away & completely rebuild the SBS machine, something that I really don't WANT to do, but... may not have a choice.

Will report back to you guys after I try tomorrow evening... meanwhile please keep any new ideas coming!

Thanks guys for all your suggestions so far!!!

Gary ColtharpSr. Systems EngineerCommented:
Epp's method will work on the domain controller if you can boot to the CD successfully to gain recovery console access. The other bootable password reset utilities will not.

The Petri method is a little more lengthy. It is how I have done it in the past, but I will certainly be using Epp's method from now on (Brilliant).

The dell badged disc should say "disc 1" or Small Business Server 2003 or something.... and should be your bootable install media. Blow out your CD tray with compressed air if you havent read a lot of discs in it, the optical pickup may be dirty.


Gary ColtharpSr. Systems EngineerCommented:
BTW: You may need to create a driver disk for your storage controller if the SBS 2003 media boots but doesnt see your installation. F6 at the load screen and load the driver from a <cough> diskette. Assuming your server has one of those...they are becoming increasingly rare.
cricketmanAuthor Commented:
Comment explains situation
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.