Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SBS 2011 Domain Admin password changed employee quit

Posted on 2013-10-28
9
Medium Priority
?
698 Views
Last Modified: 2014-02-25
Client called this morning and their office manager quit and changed the domain admin password on the server before they left.

We can no longer log into the server as the domain admin.  Anyone know of tools to reset the domain admin password?  Microsoft has been no help thus far.
0
Comment
Question by:breynolds01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 1000 total points
ID: 39606837
Check out Scorpion Software's Crack The Cred series of videos - it takes about 2 minutes to reset the domain admin password *IF* you have physical access AND the C: drive is not encrypted (BitLocker, etc).

(And once you do this, you should make VERY CERTAIN that the server is SECURELY locked away and encrypt the C: drive).

http://www.scorpionsoft.com/videos/crackthecred
(Episode 105)
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 1000 total points
ID: 39609971
I agee with leew but you may also want to check out this page.
Use at your own risk

http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm
0
 

Expert Comment

by:mjoiner
ID: 39884764
This crackthecred did not work for my sbs 2008 server.  I was able to get into command prompt as system and the command to change administrator account password worked but it did not change anything.  I still receive username or password is incorrect error.  Ideas why this would work on every step but not allow me to login with new credential I created?
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 39884793
It's possible the account was disabled.
net user administrator /active:yes

You can also review the existing accounts on the server and try changing the password on those.
0
 

Expert Comment

by:mjoiner
ID: 39885513
I did perform the net user administrator /active:yes command to enable the administrator user account and changed password to this account from command line.  Still get error "username or password is incorrect".  I know this error is incorrect.  Maybe active directory is messed up, but I know the utilman.exe fix did not work in my case.  It was really cool fix and I wish it would have worked, but something else needs to happen on this server.
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 39886173
You can also review the existing accounts on the server and try changing the password on those.

Or was that the only admin account ever created on it?
0
 

Expert Comment

by:mjoiner
ID: 39886448
I only created one admin acct. I've tried that and three other user acct that had admin credentials. None work.
0
 

Expert Comment

by:mjoiner
ID: 39886625
Also, I'd like to add that something is off on the DNS server side.  Each of the users had drive mappings to the server that were in \\servername\sharename format.  These all stopped working until I remapped the drives with \\192.168.xx.xx\sharename format.

Also, the people told me they had hard booted the server five or six times because they did not know the administrator password and needed to reboot server???  This seems it could have caused some damage and before yesterday when I was able to type in explorer.exe from command prompt and update server and reboot properly, who knows the last time the server had been shut down or rebooted properly.

So if AD and or DNS is corrupt, what is the best way to fix?
0
 

Expert Comment

by:mjoiner
ID: 39887601
btw I can login to safe mode on sbs 2008 server with domain admin credentials.  However cannot login to DSRM.  Several errors about AD and GP in event log.  Guess AD is malfunctioning because DNS is required to function.  Something can't load in group policy either.  What is the component that this house of cards fell because of?
0

Featured Post

What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question