Changing AD password?

How hard is it to change Active Directory Admin password. I was logged in from home via RDP and someone knocked me off by logging in under administrator. No one has this password but me. How can I change this?

What impact will it make? Will my SQL servers be affected?

I have a 2008 Server R2 physical domain controller and a backup.
Two Hyper V hosts with the following 4 VMS
   2 mssql 2005 servers
   1 2003 Terminal Server
   1 2008 Server Phone Server

What are the best practices to make this change and pit falls?
Who is Participating?
Will SzymkowskiConnect With a Mentor Senior Solution ArchitectCommented:
If you change the password for the domain admin account it should not affect anything in your environment. However, if you are using this account for services that are running on your member servers i.e. SQL, Exchange, Apps etc you will break these servers by changing the password.

Best thing for that is to create services accounts which represent the servers like svc_sql, svc_exchange etc. I would change this if you are currently using your domain admin account for services accounts.

I would also recommend renaming your domain admin account to something else other than "administrator". You can do this by modifying the default domain policy using GPO.

rename domain admin account -

Verify that your services and scheduled tasks are not using the administrator account for any servers and then you can change it without any worry.


Kyle GreenConnect With a Mentor Commented:
To change your admin password take a look at this...!/2013/01/reset-active-directory-administrator-password.html

That's for Server 2012 but I don't think the methodology will be different from what you need.

As for what this does, if you're running service accounts with lowest possible permissions for those servers you'll be fine. If you're running everything off of the admin account, which is terribly dangerous for MANY reasons, you will need to change the password on each individual server. If I remember correctly (which I sometimes don't) you'll need to examine your group security policies to make sure that no one but you has the rights to change the administrator password.

If you inherited the network and you're finding people have the admin password I suggest you change it immediately and perform a full audit of your security.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.