Solved

resetting admin password on sbs 2003 - i tried utilman.exe but there's no way to activate it?

Posted on 2014-01-17
6
1,189 Views
Last Modified: 2014-01-19
trying to reset the password on an SBS 2003 box.  booted off linux USB, changed cmd.exe to utilman.exe and rebooted.  BUt there's no accessibility settings to start utilman : (

any ideas?

we tried windows + U and that didn't work either.
0
Comment
  • 3
  • 2
6 Comments
 
LVL 14

Accepted Solution

by:
comfortjeanius earned 400 total points
ID: 39789041
Can you remote to the server when it is on?  If so you can open command prompt with elevated privileges.
First you will have to make sure Remote Registry is running:
Type:
sc \\<remote computer> start RemoteRegistry

Open in new window

Plus you want to download PsTools

You can install it in the c:\\windows\system32 folder location or where ever you want. Prime example mine is located in C:\\users\<username>\Documents\Software\Pstools. You will need to navigate to the folder location to perform the commands from the cmd prompt.

In the cmd prompt type:
pspasswd \\<remote computer name or ip address> accountname <newpassword>

Open in new window


For domain accounts
Type:
pspasswd  Domain\Account <newpassword>

Open in new window

0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39789058
thanks.  I am going to try to remote into it as you describe.

I have erd commander and can boot into that / browse files on the server.  no way to rename anything else to get a command prompt or similiar, huh?  the app that runs the login page?  Replace that with CMD?  anything?!  I can browse the machine's files.  Not really sure what the server name is (this is a wacked situation - they can't reach their it guy for months now and want to get into the server.  browsing server, there's no new files in it, machines are in workgroup, dhcp is from router, sbs box is single nic, dns is public dns servers from ISP, etc.  box really isn't being used for ANYTHING!

easiest woul dbe to wipe drive, buit now it's a learning curve.
0
 
LVL 14

Assisted Solution

by:comfortjeanius
comfortjeanius earned 400 total points
ID: 39789181
You can try Ophcrack

or you can try and use a Ubuntu Live CD to change the password Change or Reset Windows Password from a Ubuntu Live CD
0
Watch Anatomy of a Wi-Fi Hack On-Demand

In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MitM to wreak havoc on your network. View our Wi-Fi Expert in an on-demand episode of our Secure Wi-Fi mini-series as he explores the motives, execution, and anatomy of a Wi-Fi hack.

 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39789694
Although those tools deal with local accounts not domain active directory accounts?  That said, we used erd commander and it's locksmith app to change local admin account and got in but I thought that wouldn't work?  I didn't see other users just administrator
0
 
LVL 15

Assisted Solution

by:Giovanni Heward
Giovanni Heward earned 100 total points
ID: 39791754
Copy %SystemRoot%\NTDS\NTDS.DIT, use NTDSXtract (dsusers.py module), or Windows Password Recovery, and try to crack a domain admin user hash using the online rainbow table here.

If that fails, then you'll need to search out additional rainbow tables or manually crack the hash.

Or use Passware Windows Key Enterprise.
0
 

Author Closing Comment

by:BeGentleWithMe-INeedHelp
ID: 39792277
Thanks for the tips, but again, I was able to reset the local admin password with ERD commander / locksmith and that got us back in the machine and able to completely administer it.  I wouldn't have thought that would work - but it did.
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Read about achieving the basic levels of HRIS security in the workplace.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question