Solved

resetting admin password on sbs 2003 - i tried utilman.exe but there's no way to activate it?

Posted on 2014-01-17
6
1,208 Views
Last Modified: 2014-01-19
trying to reset the password on an SBS 2003 box.  booted off linux USB, changed cmd.exe to utilman.exe and rebooted.  BUt there's no accessibility settings to start utilman : (

any ideas?

we tried windows + U and that didn't work either.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 14

Accepted Solution

by:
comfortjeanius earned 400 total points
ID: 39789041
Can you remote to the server when it is on?  If so you can open command prompt with elevated privileges.
First you will have to make sure Remote Registry is running:
Type:
sc \\<remote computer> start RemoteRegistry

Open in new window

Plus you want to download PsTools

You can install it in the c:\\windows\system32 folder location or where ever you want. Prime example mine is located in C:\\users\<username>\Documents\Software\Pstools. You will need to navigate to the folder location to perform the commands from the cmd prompt.

In the cmd prompt type:
pspasswd \\<remote computer name or ip address> accountname <newpassword>

Open in new window


For domain accounts
Type:
pspasswd  Domain\Account <newpassword>

Open in new window

0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39789058
thanks.  I am going to try to remote into it as you describe.

I have erd commander and can boot into that / browse files on the server.  no way to rename anything else to get a command prompt or similiar, huh?  the app that runs the login page?  Replace that with CMD?  anything?!  I can browse the machine's files.  Not really sure what the server name is (this is a wacked situation - they can't reach their it guy for months now and want to get into the server.  browsing server, there's no new files in it, machines are in workgroup, dhcp is from router, sbs box is single nic, dns is public dns servers from ISP, etc.  box really isn't being used for ANYTHING!

easiest woul dbe to wipe drive, buit now it's a learning curve.
0
 
LVL 14

Assisted Solution

by:comfortjeanius
comfortjeanius earned 400 total points
ID: 39789181
You can try Ophcrack

or you can try and use a Ubuntu Live CD to change the password Change or Reset Windows Password from a Ubuntu Live CD
0
How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39789694
Although those tools deal with local accounts not domain active directory accounts?  That said, we used erd commander and it's locksmith app to change local admin account and got in but I thought that wouldn't work?  I didn't see other users just administrator
0
 
LVL 15

Assisted Solution

by:Giovanni Heward
Giovanni Heward earned 100 total points
ID: 39791754
Copy %SystemRoot%\NTDS\NTDS.DIT, use NTDSXtract (dsusers.py module), or Windows Password Recovery, and try to crack a domain admin user hash using the online rainbow table here.

If that fails, then you'll need to search out additional rainbow tables or manually crack the hash.

Or use Passware Windows Key Enterprise.
0
 

Author Closing Comment

by:BeGentleWithMe-INeedHelp
ID: 39792277
Thanks for the tips, but again, I was able to reset the local admin password with ERD commander / locksmith and that got us back in the machine and able to completely administer it.  I wouldn't have thought that would work - but it did.
0

Featured Post

Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question