Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SBS 2011 Domain Admin password changed employee quit

Posted on 2013-10-28
9
Medium Priority
?
705 Views
Last Modified: 2014-02-25
Client called this morning and their office manager quit and changed the domain admin password on the server before they left.

We can no longer log into the server as the domain admin.  Anyone know of tools to reset the domain admin password?  Microsoft has been no help thus far.
0
Comment
Question by:breynolds01
  • 5
  • 3
9 Comments
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 1000 total points
ID: 39606837
Check out Scorpion Software's Crack The Cred series of videos - it takes about 2 minutes to reset the domain admin password *IF* you have physical access AND the C: drive is not encrypted (BitLocker, etc).

(And once you do this, you should make VERY CERTAIN that the server is SECURELY locked away and encrypt the C: drive).

http://www.scorpionsoft.com/videos/crackthecred
(Episode 105)
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 1000 total points
ID: 39609971
I agee with leew but you may also want to check out this page.
Use at your own risk

http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm
0
 

Expert Comment

by:mjoiner
ID: 39884764
This crackthecred did not work for my sbs 2008 server.  I was able to get into command prompt as system and the command to change administrator account password worked but it did not change anything.  I still receive username or password is incorrect error.  Ideas why this would work on every step but not allow me to login with new credential I created?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 39884793
It's possible the account was disabled.
net user administrator /active:yes

You can also review the existing accounts on the server and try changing the password on those.
0
 

Expert Comment

by:mjoiner
ID: 39885513
I did perform the net user administrator /active:yes command to enable the administrator user account and changed password to this account from command line.  Still get error "username or password is incorrect".  I know this error is incorrect.  Maybe active directory is messed up, but I know the utilman.exe fix did not work in my case.  It was really cool fix and I wish it would have worked, but something else needs to happen on this server.
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 39886173
You can also review the existing accounts on the server and try changing the password on those.

Or was that the only admin account ever created on it?
0
 

Expert Comment

by:mjoiner
ID: 39886448
I only created one admin acct. I've tried that and three other user acct that had admin credentials. None work.
0
 

Expert Comment

by:mjoiner
ID: 39886625
Also, I'd like to add that something is off on the DNS server side.  Each of the users had drive mappings to the server that were in \\servername\sharename format.  These all stopped working until I remapped the drives with \\192.168.xx.xx\sharename format.

Also, the people told me they had hard booted the server five or six times because they did not know the administrator password and needed to reboot server???  This seems it could have caused some damage and before yesterday when I was able to type in explorer.exe from command prompt and update server and reboot properly, who knows the last time the server had been shut down or rebooted properly.

So if AD and or DNS is corrupt, what is the best way to fix?
0
 

Expert Comment

by:mjoiner
ID: 39887601
btw I can login to safe mode on sbs 2008 server with domain admin credentials.  However cannot login to DSRM.  Several errors about AD and GP in event log.  Guess AD is malfunctioning because DNS is required to function.  Something can't load in group policy either.  What is the component that this house of cards fell because of?
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question