Solved

SBS 2008 - Forgotten Domain Admin Password

Posted on 2014-02-24
14
690 Views
Last Modified: 2014-03-03
Hi,

I have a bit of a problem... A client has changed the administrator password on their server at the expiry date and now has forgotten what the password is! This has left me in a bit of a mess as i need to be able to resolve issues on their network and now cant.

Here's where i'm currently at with it, and since i've practically pulled all my hair out today i'd really like some other hints!
I have discovered that you can login to the system with another user account, but of course this is not local admin or domain admin so i can not reset passwords. Using this account i did try the net user command from CMD but got a permission denied error as expected.
I've tried using the SBS2008 disc going into repair and running CMD, but this utility doesn't see the server hard drive!
I've downloaded this: http://www.stellarinfo.com/password-recovery/windows-server-password-recovery.php and this does seem to have got me somewhere, but here's the problem i then get... Firstly, their application crashed resetting the password the first time, so i restarted the server in hope and this time it seemed slightly promising! The server actually went through applying computer settings on reboot, but then changed to 'Applying default security policy' which it's never done before. Still, it didn't work.
So the next time, i ran the software and used CMD once in, firstly i ran 'net user Administrator /active:yes' followed by 'net user Administrator PASSWORDHERE'. All changes applied successfully, but upon reboot, it ran the same security policy setting and needless to say the administrator account isn't.

Now I've reached the end of my thoughts, what can i do? Reinstalling the server software simply isn't an option. Fundamentally everything works.... i just can't change anything!

Any help really would be greatly appreciated and to whoever helps resolve it, i may consider sending a packet of Biscuits!

Josh
0
Comment
Question by:joshhough
  • 7
  • 5
  • 2
14 Comments
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39883650
Go here: http://bit.ly/1dAmLT7

Crack the Cred Episode 105.

Watch the video and write down the steps.

Go to your SBS 08 DC and run through the steps. You need a bootable flash drive (we use Win7 OS).

Make sure you rename things by booting back into the flash based OS!

EDIT: Make sure to have the driver for the RAID controller handy just-in-case.

Philip
0
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 500 total points
ID: 39883656
I've tried using the SBS2008 disc going into repair and running CMD, but this utility doesn't see the server hard drive!

This is because the Windows DVD doesn't have drivers for the disk controller.  Load them and it will see the drive.  OR use a Windows 7 or Windows 8 or Server 2012 CD / Flash drive.

Check out the 5th episode of Crack The Cred at http://www.scorpionsoft.com/videos/crackthecred 

(Also, it looks like - if I'm interpreting what you did correctly - when you reset the password with Net User you were resetting it for the CD's instance of the administrator account - not the servers.  That's why didn't work.  Follow the 5 minute crack the cred video and you should be fine (if what you did before doing that didn't corrupt something)).
0
 
LVL 1

Author Comment

by:joshhough
ID: 39883841
Hi,

Thanks for your suggestions. In fact, i'm almost sure i didnt reset the CD's instance as the reset to the password was done once booting into Directory Services Restore Mode.

Thanks,

Josh
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 38

Expert Comment

by:Philip Elder
ID: 39883873
We've used the indicated method in the video many times to run a reset operation on a DC.

It works very well without needing any kind of third party product(s) or DSRM (which requires the original password if not reset at some time).

Philip
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 39883920
Directory services restore mode is not the same thing.  Please follow the directions Philip and I posted.  I too have done this procedure several times with 100% success doing it as described in the video.
0
 
LVL 1

Author Comment

by:joshhough
ID: 39887092
Sorry, i'm lost. The video you suggested is for the Samsung Galaxy, how do the steps apply to Small Business Server 2008?
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39887126
Hover over the right hand side to get the playlist.
PlaylistPhilip
0
 
LVL 1

Author Comment

by:joshhough
ID: 39887164
Ah, brilliant thanks. I've tried this though, but i can't get the repair wizard to show the installation of SBS 2008, even though its the same media.

Otherwise this was my first step. When i then go into CMD, it doesn't show drive C.
0
 
LVL 1

Author Comment

by:joshhough
ID: 39887181
As i can get local access, i haven't tried accessing c itself, i'll try this when i'm in tomorrow, but can i put Utilman in the right place through being logged in? then i wouldn't need the install media to be able to access the hard drives?

Or does it require admin rights to access System32?

Thanks,

Josh
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39887186
We use a flash drive with Windows 7 x64 OS that is bootable (it is used to install the OS). We flip to the repair option and CMD from there. In this case we would run with a Windows Server 2008 R2 or 2012 RTM/R2 based bootable flash drive.

Then we run the steps indicated in the video.

You need the RAID controller driver as well if it is something out of the ordinary and not picked up by the in-box driver set.

Philip
0
 
LVL 1

Author Comment

by:joshhough
ID: 39887242
Hi Philip,

Thanks for the suggestion. Interestingly, its a Fujitsu Server with an LSI raid card - the MegaRaid or something - A Primergy TX110 S1 (i think). The disc i use is the disc that came with the server which i used for the original OS install. Odd how now it doesn't pick it up.

Thanks,

Josh
0
 
LVL 1

Author Comment

by:joshhough
ID: 39888691
Hi,

Here's where i'm at now. I havent been able to turn the server off as its working hours, but i did login to the server using an account that is not a local admin. This account however, is able to see the whole of the c drive. Where should UTILMAN be located for this to work? I can manually copy/paste it without needing the setup disc if anyone knows.

Currently its in C:\Windows\System32\Utilman.exe. If i log out, and press windows key and U, currently it just brings up ease of access.

Any help, again, greatly appreciated.

Thanks,

Josh
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39890484
Josh,

The only way to do it is to follow the steps exactly as they are outlined in the video.

Philip
0
 
LVL 1

Author Comment

by:joshhough
ID: 39899901
Hi All,

Thanks for your help. Following the video step by step i got there and managed to get in and reset the password.

Thanks,

Josh
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question