Solved

Server 2008, cant change password - HELP!

Posted on 2014-03-19
20
2,367 Views
Last Modified: 2014-04-01
Server 2008 R2 Not a domain controller! Part of a workgroup.

When trying to Change Password via Ctrl + Alt + Delete I get: "configuration information could not be read from the domain controller, either because the machine is unavailable, or because access is denied"

I don't understand :/
0
Comment
Question by:triphen
  • 10
  • 6
  • 2
  • +1
20 Comments
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39941577
It sounds as though this machine is/was part of a domain and perhaps was not properly moved back to workgroup mode.  A login would still work in such circumstances if credentials got cached, but password changes would fail.
0
 

Author Comment

by:triphen
ID: 39941579
Server was never a part of a domain :/

My user is a part of the admin group and only that group...
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39941587
Did hoi check the system properties to verify that your machine is still in a workgroup? Perhaps it hot domain joined on accident, or even possibly maliciously (malware, etc) because architecturally, you just wouldn't get the message you describe any other way.
0
 

Author Comment

by:triphen
ID: 39941592
100% not currently part of a domain.
100% never part of a domain.
Malware might be it, even though I doubt it.
Has to be some stupid option somewhere :/
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39941607
Reboot server in directory service restore mode

Then run dcpromo /forceremoval command from run menu

Follow on screen instructions and finally set new password and reboot

Upon reboot check if you can logon without any issue

Mahesh
0
 
LVL 13

Expert Comment

by:Andy M
ID: 39941914
What happens if you try to change the password from the Computer management screen?

1. Open start menu > right click on "Computer" and click "Computer Management" or "Manage". If this is not available you can also try going to Start Menu > Administrative Tools > Computer Management
2. In here open System Tools > Local Users and Groups
3. Expand Users and right-click on the local account you want to change the password for, should give you the option to "Set Password".
0
 

Author Comment

by:triphen
ID: 39944285
Set Password is not the same as Change Password.

By setting password your break the Windows SID corrupting all programs that use the Windows SID. In fact, a big warning popups informing you of this if you chose Set Password from Computer Management. This is why I need to Change Password vs Set Password.


Again, this server was never a part of a domain.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39944642
If the server is not part of domain, what's the difference in change password and reset \ set password ?

The sid will never change no matter how much time you set password

Previously I thought that you are unable to login to server

Check your server dns settings, it might be pointed to non existent DNS server (AD server) causing this issue

If you are able to logon locally I don't see any harm in setting password through lusrmgr.msc or compmgmt.msc
I have done this kind of password set and it has not broke any thing on my app servers

Mahesh
0
 

Author Comment

by:triphen
ID: 39944693
Mahesh,

I can login no problem. I just need to change the password.

See attached. This warning is displayed if you do Set Password vs Change Password. Read carefully. I personally have lost data using EFS (encrypted file system) then changing the password using Set Password method. Also, some applications I use WILL give problems if the password is changed using Set Password vs Change Password.

DNS is pointing to the gateway.
setpassword.png
0
 

Author Comment

by:triphen
ID: 39944695
Running dcpromo /forceremoval brings up AD Setup and asks to join existing forest or create a domain in a new forest.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 35

Expert Comment

by:Mahesh
ID: 39944786
After you reset the password of an account on a Windows XP-based computer that is joined to a workgroup, you may lose access to the user's:
•Web page credentials.
•File share credentials.
•EFS-encrypted files.
•Certificates with private keys (SIGNED/ENCRYPTed e-mail).

http://support.microsoft.com/kb/290260

If you don't have EFS on this workgroup server (I believe its not), you can safely ignore warning message and can reset password
Even if you have EFS, just export EFS certificate \ any other certificates with private key from local certificate MMC personal store 1st and then reset password

Mahesh
0
 
LVL 13

Expert Comment

by:Andy M
ID: 39945021
If you create another account on this server (that has same rights as the current account) and try to change the password does this work fine or come back with same problem?
0
 

Author Comment

by:triphen
ID: 39946194
Mahesh,

Research this error "-2146893813". This is what happens to certain programs if you change your password using Set Password vs Change Password.

I cant login out of the current user as it will stop critical services :/
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39946248
I have checked on internet
http://social.msdn.microsoft.com/Forums/sqlserver/en-US/e5f582b4-7336-4f64-995f-7b1ba94a15d4/win32-error2146893813-with-sql-2005-on-xp?forum=sqldatabaseengine

one found related to this

other also facing this issue but for some other reason

But I never faced this issue on any app servers

You may try with net user command
net user administrator password

This will change it without any warning and hopefully not break any thing on server
Also just check on the server any thing (service) is not running under security context of administrator

Mahesh
0
 

Author Comment

by:triphen
ID: 39946275
This is a specific app that breaks if you Set the password.

net user command also breaks, because you don't enter the old password :/
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39946290
This is strange behaviour
Sorry, I am running out of ideas
Some another expert will help hopefully

Just wondering if application has provision to make any password changes or its behaviour changes ?
0
 

Author Comment

by:triphen
ID: 39946300
Thanks for your efforts!

I don't understand you question...can you rephrase?
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39946328
What i mean, if you could change the application behaviour so that it will not remains depends on admin password
may be this is out of your scope \ skill set, but I really don't see any option other than that
if normal Ctrl+Alt+del is not working...

have you checked that server is pointing to any orphaned DNS server and causing you getting error during Ctrl+Alt+del

One option is there but not affordable if above option still not working..
Run sysprep on server and change its SID
But I believe this will break application and more even it will break server windows activation, you may need to reactivate windows but it will hopefully resolve your standard password change option
I don't know how simple \ hard is to fix braked application after running sysprep
0
 

Accepted Solution

by:
triphen earned 0 total points
ID: 39960553
When in doubt, restart :)

Restart on the server fixed it. Strange huh?
0
 

Author Closing Comment

by:triphen
ID: 39968797
Restart was the only thing that resolved the issue.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now