SBS 2008 - Forgotten Domain Admin Password

Hi,

I have a bit of a problem... A client has changed the administrator password on their server at the expiry date and now has forgotten what the password is! This has left me in a bit of a mess as i need to be able to resolve issues on their network and now cant.

Here's where i'm currently at with it, and since i've practically pulled all my hair out today i'd really like some other hints!
I have discovered that you can login to the system with another user account, but of course this is not local admin or domain admin so i can not reset passwords. Using this account i did try the net user command from CMD but got a permission denied error as expected.
I've tried using the SBS2008 disc going into repair and running CMD, but this utility doesn't see the server hard drive!
I've downloaded this: http://www.stellarinfo.com/password-recovery/windows-server-password-recovery.php and this does seem to have got me somewhere, but here's the problem i then get... Firstly, their application crashed resetting the password the first time, so i restarted the server in hope and this time it seemed slightly promising! The server actually went through applying computer settings on reboot, but then changed to 'Applying default security policy' which it's never done before. Still, it didn't work.
So the next time, i ran the software and used CMD once in, firstly i ran 'net user Administrator /active:yes' followed by 'net user Administrator PASSWORDHERE'. All changes applied successfully, but upon reboot, it ran the same security policy setting and needless to say the administrator account isn't.

Now I've reached the end of my thoughts, what can i do? Reinstalling the server software simply isn't an option. Fundamentally everything works.... i just can't change anything!

Any help really would be greatly appreciated and to whoever helps resolve it, i may consider sending a packet of Biscuits!

Josh
LVL 1
joshhoughAsked:
Who is Participating?
 
Lee W, MVPConnect With a Mentor Technology and Business Process AdvisorCommented:
I've tried using the SBS2008 disc going into repair and running CMD, but this utility doesn't see the server hard drive!

This is because the Windows DVD doesn't have drivers for the disk controller.  Load them and it will see the drive.  OR use a Windows 7 or Windows 8 or Server 2012 CD / Flash drive.

Check out the 5th episode of Crack The Cred at http://www.scorpionsoft.com/videos/crackthecred 

(Also, it looks like - if I'm interpreting what you did correctly - when you reset the password with Net User you were resetting it for the CD's instance of the administrator account - not the servers.  That's why didn't work.  Follow the 5 minute crack the cred video and you should be fine (if what you did before doing that didn't corrupt something)).
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Go here: http://bit.ly/1dAmLT7

Crack the Cred Episode 105.

Watch the video and write down the steps.

Go to your SBS 08 DC and run through the steps. You need a bootable flash drive (we use Win7 OS).

Make sure you rename things by booting back into the flash based OS!

EDIT: Make sure to have the driver for the RAID controller handy just-in-case.

Philip
0
 
joshhoughAuthor Commented:
Hi,

Thanks for your suggestions. In fact, i'm almost sure i didnt reset the CD's instance as the reset to the password was done once booting into Directory Services Restore Mode.

Thanks,

Josh
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
We've used the indicated method in the video many times to run a reset operation on a DC.

It works very well without needing any kind of third party product(s) or DSRM (which requires the original password if not reset at some time).

Philip
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Directory services restore mode is not the same thing.  Please follow the directions Philip and I posted.  I too have done this procedure several times with 100% success doing it as described in the video.
0
 
joshhoughAuthor Commented:
Sorry, i'm lost. The video you suggested is for the Samsung Galaxy, how do the steps apply to Small Business Server 2008?
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Hover over the right hand side to get the playlist.
PlaylistPhilip
0
 
joshhoughAuthor Commented:
Ah, brilliant thanks. I've tried this though, but i can't get the repair wizard to show the installation of SBS 2008, even though its the same media.

Otherwise this was my first step. When i then go into CMD, it doesn't show drive C.
0
 
joshhoughAuthor Commented:
As i can get local access, i haven't tried accessing c itself, i'll try this when i'm in tomorrow, but can i put Utilman in the right place through being logged in? then i wouldn't need the install media to be able to access the hard drives?

Or does it require admin rights to access System32?

Thanks,

Josh
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
We use a flash drive with Windows 7 x64 OS that is bootable (it is used to install the OS). We flip to the repair option and CMD from there. In this case we would run with a Windows Server 2008 R2 or 2012 RTM/R2 based bootable flash drive.

Then we run the steps indicated in the video.

You need the RAID controller driver as well if it is something out of the ordinary and not picked up by the in-box driver set.

Philip
0
 
joshhoughAuthor Commented:
Hi Philip,

Thanks for the suggestion. Interestingly, its a Fujitsu Server with an LSI raid card - the MegaRaid or something - A Primergy TX110 S1 (i think). The disc i use is the disc that came with the server which i used for the original OS install. Odd how now it doesn't pick it up.

Thanks,

Josh
0
 
joshhoughAuthor Commented:
Hi,

Here's where i'm at now. I havent been able to turn the server off as its working hours, but i did login to the server using an account that is not a local admin. This account however, is able to see the whole of the c drive. Where should UTILMAN be located for this to work? I can manually copy/paste it without needing the setup disc if anyone knows.

Currently its in C:\Windows\System32\Utilman.exe. If i log out, and press windows key and U, currently it just brings up ease of access.

Any help, again, greatly appreciated.

Thanks,

Josh
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Josh,

The only way to do it is to follow the steps exactly as they are outlined in the video.

Philip
0
 
joshhoughAuthor Commented:
Hi All,

Thanks for your help. Following the video step by step i got there and managed to get in and reset the password.

Thanks,

Josh
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.