Solved

resetting admin password on sbs 2003 - i tried utilman.exe but there's no way to activate it?

Posted on 2014-01-17
6
1,137 Views
Last Modified: 2014-01-19
trying to reset the password on an SBS 2003 box.  booted off linux USB, changed cmd.exe to utilman.exe and rebooted.  BUt there's no accessibility settings to start utilman : (

any ideas?

we tried windows + U and that didn't work either.
0
Comment
  • 3
  • 2
6 Comments
 
LVL 14

Accepted Solution

by:
comfortjeanius earned 400 total points
Comment Utility
Can you remote to the server when it is on?  If so you can open command prompt with elevated privileges.
First you will have to make sure Remote Registry is running:
Type:
sc \\<remote computer> start RemoteRegistry

Open in new window

Plus you want to download PsTools

You can install it in the c:\\windows\system32 folder location or where ever you want. Prime example mine is located in C:\\users\<username>\Documents\Software\Pstools. You will need to navigate to the folder location to perform the commands from the cmd prompt.

In the cmd prompt type:
pspasswd \\<remote computer name or ip address> accountname <newpassword>

Open in new window


For domain accounts
Type:
pspasswd  Domain\Account <newpassword>

Open in new window

0
 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
thanks.  I am going to try to remote into it as you describe.

I have erd commander and can boot into that / browse files on the server.  no way to rename anything else to get a command prompt or similiar, huh?  the app that runs the login page?  Replace that with CMD?  anything?!  I can browse the machine's files.  Not really sure what the server name is (this is a wacked situation - they can't reach their it guy for months now and want to get into the server.  browsing server, there's no new files in it, machines are in workgroup, dhcp is from router, sbs box is single nic, dns is public dns servers from ISP, etc.  box really isn't being used for ANYTHING!

easiest woul dbe to wipe drive, buit now it's a learning curve.
0
 
LVL 14

Assisted Solution

by:comfortjeanius
comfortjeanius earned 400 total points
Comment Utility
You can try Ophcrack

or you can try and use a Ubuntu Live CD to change the password Change or Reset Windows Password from a Ubuntu Live CD
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
Although those tools deal with local accounts not domain active directory accounts?  That said, we used erd commander and it's locksmith app to change local admin account and got in but I thought that wouldn't work?  I didn't see other users just administrator
0
 
LVL 14

Assisted Solution

by:Giovanni Heward
Giovanni Heward earned 100 total points
Comment Utility
Copy %SystemRoot%\NTDS\NTDS.DIT, use NTDSXtract (dsusers.py module), or Windows Password Recovery, and try to crack a domain admin user hash using the online rainbow table here.

If that fails, then you'll need to search out additional rainbow tables or manually crack the hash.

Or use Passware Windows Key Enterprise.
0
 

Author Closing Comment

by:BeGentleWithMe-INeedHelp
Comment Utility
Thanks for the tips, but again, I was able to reset the local admin password with ERD commander / locksmith and that got us back in the machine and able to completely administer it.  I wouldn't have thought that would work - but it did.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Read about achieving the basic levels of HRIS security in the workplace.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now