Solved

Server 2008, cant change password - HELP!

Posted on 2014-03-19
20
2,524 Views
Last Modified: 2014-04-01
Server 2008 R2 Not a domain controller! Part of a workgroup.

When trying to Change Password via Ctrl + Alt + Delete I get: "configuration information could not be read from the domain controller, either because the machine is unavailable, or because access is denied"

I don't understand :/
0
Comment
Question by:triphen
  • 10
  • 6
  • 2
  • +1
20 Comments
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39941577
It sounds as though this machine is/was part of a domain and perhaps was not properly moved back to workgroup mode.  A login would still work in such circumstances if credentials got cached, but password changes would fail.
0
 

Author Comment

by:triphen
ID: 39941579
Server was never a part of a domain :/

My user is a part of the admin group and only that group...
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39941587
Did hoi check the system properties to verify that your machine is still in a workgroup? Perhaps it hot domain joined on accident, or even possibly maliciously (malware, etc) because architecturally, you just wouldn't get the message you describe any other way.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:triphen
ID: 39941592
100% not currently part of a domain.
100% never part of a domain.
Malware might be it, even though I doubt it.
Has to be some stupid option somewhere :/
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39941607
Reboot server in directory service restore mode

Then run dcpromo /forceremoval command from run menu

Follow on screen instructions and finally set new password and reboot

Upon reboot check if you can logon without any issue

Mahesh
0
 
LVL 13

Expert Comment

by:Andy M
ID: 39941914
What happens if you try to change the password from the Computer management screen?

1. Open start menu > right click on "Computer" and click "Computer Management" or "Manage". If this is not available you can also try going to Start Menu > Administrative Tools > Computer Management
2. In here open System Tools > Local Users and Groups
3. Expand Users and right-click on the local account you want to change the password for, should give you the option to "Set Password".
0
 

Author Comment

by:triphen
ID: 39944285
Set Password is not the same as Change Password.

By setting password your break the Windows SID corrupting all programs that use the Windows SID. In fact, a big warning popups informing you of this if you chose Set Password from Computer Management. This is why I need to Change Password vs Set Password.


Again, this server was never a part of a domain.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39944642
If the server is not part of domain, what's the difference in change password and reset \ set password ?

The sid will never change no matter how much time you set password

Previously I thought that you are unable to login to server

Check your server dns settings, it might be pointed to non existent DNS server (AD server) causing this issue

If you are able to logon locally I don't see any harm in setting password through lusrmgr.msc or compmgmt.msc
I have done this kind of password set and it has not broke any thing on my app servers

Mahesh
0
 

Author Comment

by:triphen
ID: 39944693
Mahesh,

I can login no problem. I just need to change the password.

See attached. This warning is displayed if you do Set Password vs Change Password. Read carefully. I personally have lost data using EFS (encrypted file system) then changing the password using Set Password method. Also, some applications I use WILL give problems if the password is changed using Set Password vs Change Password.

DNS is pointing to the gateway.
setpassword.png
0
 

Author Comment

by:triphen
ID: 39944695
Running dcpromo /forceremoval brings up AD Setup and asks to join existing forest or create a domain in a new forest.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39944786
After you reset the password of an account on a Windows XP-based computer that is joined to a workgroup, you may lose access to the user's:
•Web page credentials.
•File share credentials.
•EFS-encrypted files.
•Certificates with private keys (SIGNED/ENCRYPTed e-mail).

http://support.microsoft.com/kb/290260

If you don't have EFS on this workgroup server (I believe its not), you can safely ignore warning message and can reset password
Even if you have EFS, just export EFS certificate \ any other certificates with private key from local certificate MMC personal store 1st and then reset password

Mahesh
0
 
LVL 13

Expert Comment

by:Andy M
ID: 39945021
If you create another account on this server (that has same rights as the current account) and try to change the password does this work fine or come back with same problem?
0
 

Author Comment

by:triphen
ID: 39946194
Mahesh,

Research this error "-2146893813". This is what happens to certain programs if you change your password using Set Password vs Change Password.

I cant login out of the current user as it will stop critical services :/
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39946248
I have checked on internet
http://social.msdn.microsoft.com/Forums/sqlserver/en-US/e5f582b4-7336-4f64-995f-7b1ba94a15d4/win32-error2146893813-with-sql-2005-on-xp?forum=sqldatabaseengine

one found related to this

other also facing this issue but for some other reason

But I never faced this issue on any app servers

You may try with net user command
net user administrator password

This will change it without any warning and hopefully not break any thing on server
Also just check on the server any thing (service) is not running under security context of administrator

Mahesh
0
 

Author Comment

by:triphen
ID: 39946275
This is a specific app that breaks if you Set the password.

net user command also breaks, because you don't enter the old password :/
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39946290
This is strange behaviour
Sorry, I am running out of ideas
Some another expert will help hopefully

Just wondering if application has provision to make any password changes or its behaviour changes ?
0
 

Author Comment

by:triphen
ID: 39946300
Thanks for your efforts!

I don't understand you question...can you rephrase?
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39946328
What i mean, if you could change the application behaviour so that it will not remains depends on admin password
may be this is out of your scope \ skill set, but I really don't see any option other than that
if normal Ctrl+Alt+del is not working...

have you checked that server is pointing to any orphaned DNS server and causing you getting error during Ctrl+Alt+del

One option is there but not affordable if above option still not working..
Run sysprep on server and change its SID
But I believe this will break application and more even it will break server windows activation, you may need to reactivate windows but it will hopefully resolve your standard password change option
I don't know how simple \ hard is to fix braked application after running sysprep
0
 

Accepted Solution

by:
triphen earned 0 total points
ID: 39960553
When in doubt, restart :)

Restart on the server fixed it. Strange huh?
0
 

Author Closing Comment

by:triphen
ID: 39968797
Restart was the only thing that resolved the issue.
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
User Being Logged Out of AD 6 78
full control root but more restrictive lower permissions 1 57
GPO reset 2 46
SonicWall blocking access to MS RDP RemoteApp 24 42
Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question