Solved

SBS 2011 Domain Admin password changed employee quit

Posted on 2013-10-28
9
650 Views
Last Modified: 2014-02-25
Client called this morning and their office manager quit and changed the domain admin password on the server before they left.

We can no longer log into the server as the domain admin.  Anyone know of tools to reset the domain admin password?  Microsoft has been no help thus far.
0
Comment
Question by:breynolds01
  • 5
  • 3
9 Comments
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 250 total points
Comment Utility
Check out Scorpion Software's Crack The Cred series of videos - it takes about 2 minutes to reset the domain admin password *IF* you have physical access AND the C: drive is not encrypted (BitLocker, etc).

(And once you do this, you should make VERY CERTAIN that the server is SECURELY locked away and encrypt the C: drive).

http://www.scorpionsoft.com/videos/crackthecred
(Episode 105)
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 250 total points
Comment Utility
I agee with leew but you may also want to check out this page.
Use at your own risk

http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm
0
 

Expert Comment

by:mjoiner
Comment Utility
This crackthecred did not work for my sbs 2008 server.  I was able to get into command prompt as system and the command to change administrator account password worked but it did not change anything.  I still receive username or password is incorrect error.  Ideas why this would work on every step but not allow me to login with new credential I created?
0
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
It's possible the account was disabled.
net user administrator /active:yes

You can also review the existing accounts on the server and try changing the password on those.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Expert Comment

by:mjoiner
Comment Utility
I did perform the net user administrator /active:yes command to enable the administrator user account and changed password to this account from command line.  Still get error "username or password is incorrect".  I know this error is incorrect.  Maybe active directory is messed up, but I know the utilman.exe fix did not work in my case.  It was really cool fix and I wish it would have worked, but something else needs to happen on this server.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
You can also review the existing accounts on the server and try changing the password on those.

Or was that the only admin account ever created on it?
0
 

Expert Comment

by:mjoiner
Comment Utility
I only created one admin acct. I've tried that and three other user acct that had admin credentials. None work.
0
 

Expert Comment

by:mjoiner
Comment Utility
Also, I'd like to add that something is off on the DNS server side.  Each of the users had drive mappings to the server that were in \\servername\sharename format.  These all stopped working until I remapped the drives with \\192.168.xx.xx\sharename format.

Also, the people told me they had hard booted the server five or six times because they did not know the administrator password and needed to reboot server???  This seems it could have caused some damage and before yesterday when I was able to type in explorer.exe from command prompt and update server and reboot properly, who knows the last time the server had been shut down or rebooted properly.

So if AD and or DNS is corrupt, what is the best way to fix?
0
 

Expert Comment

by:mjoiner
Comment Utility
btw I can login to safe mode on sbs 2008 server with domain admin credentials.  However cannot login to DSRM.  Several errors about AD and GP in event log.  Guess AD is malfunctioning because DNS is required to function.  Something can't load in group policy either.  What is the component that this house of cards fell because of?
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now