Solved

reset lost administrator password for Windows Server 2003 (AD)?

Posted on 2015-01-11
10
569 Views
Last Modified: 2015-03-08
I've been contacted by a local golf course that has lost login access to their Windows 2003 server (suspected cause is a password change by a disgruntled ex-manager).

When I visited the site, they have the password taped to the wall behind the server and it had been working until a few weeks ago.
When they try to login now it says incorrect username or password.

I've tried booting from the UBCD and running the Offline NT Password Editor application and it can see the hard drives (it's a RAID5) and the NTFS partition (DEV/SDA1), but when it tries to mount the partition, it fails with the error:
Failed to read last sector (sector number): invalid argument.   etc etc.  NTFS Probe returned error code 12.  Sorry, cannot continue
error
I'm assuming that it has loaded the correct RAID drivers given that it can see the HDD's and determine the partitions on the RAID volume.  So what is causing this error?

Windows boots OK, but they can't log in.  So surely it can't be an NTFS corruption... can it?
From another computer on the network, they can log in using RDC but the account is not an administrative account so I can't reset any passwords or create a new Local admin account or an AD admin account.

I'd like to reset the Local admin password and/or the AD admin password.  There appear to be a number of other user accounts in the Administrators group, so I'm waiting on the possible creators of those accounts to get back to us with possible passwords, but in regards to the actual "Administrator" account(s), what else can I try?
0
Comment
Question by:Reece Dodds
10 Comments
 
LVL 10

Expert Comment

by:cpmcomputers
ID: 40542843
I have successfully used Stella pheonix password recovery in these circumstances

Just google it ,not free but it did work
0
 
LVL 21

Expert Comment

by:RK
ID: 40543038
Hi,

There are few ways to reset the lost admin passwords, please have a look at this article http://www.petri.com/reset_domain_admin_password_in_windows_server_2003_ad.htm which might help you to resolve the issue in this situation.

Cheers
RK
0
 
LVL 7

Author Comment

by:Reece Dodds
ID: 40543479
@Rad - That petri article is similar to another I read already (they provide the same steps).  The problem is that Local admin access is required.  If the Local admin password is not known, using the Offline NT Password Editor is suggested.
I tried that first anyway, but ran into the "error 12" issue as mentioned in the question.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 500 total points
ID: 40543806
receem, your screenshot clearly shows what the problem is: the raid is not recognized. SDA is seen as a 500 GB drive and the partition table reports 1 TB (2x500GB), so the offline NT pw editor will not work here.

The solution is very easy: start some win7/win8.x setup dvd, hit shift F10 and do the old utilman.exe trick.
->First see if win7/win8.x already see the raid as being one 1TB drive. If so, rename x:\windows\system32\utilman.exe to utilman.bak and copy cmd.exe to utilman.exe. Then restart 2003, press ctrl-alt-del and click on the utilman-symbol. A command lin ewill open with system right - bingo, you can now do anything you want, for example:

net user administrator /active newpasswd
--

If setup does not see the raid, you need to provide the driver. that is no problem at all. If you need help with it, just say.
0
 
LVL 1

Expert Comment

by:bbcu
ID: 40544322
You can also try Lazesoft Recover My Password Server Edition
0
 
LVL 7

Author Comment

by:Reece Dodds
ID: 40573898
@McKnife...  what do you mean by "copy cmd.exe to utilman.exe"?  Do you mean copy it, then rename it?
0
 
LVL 54

Expert Comment

by:McKnife
ID: 40574032
Yes.
0
 
LVL 7

Author Comment

by:Reece Dodds
ID: 40574149
Can this be done without the use of a Windows 7/8 DVD?
Ie. from a user account for RDC that doesn't have local admin rights?
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 40574630
Reece,
The procedure described is done offline, outside of the OS, user accounts don't matter here. Without the use of a setup DVD, you would need to mount the hard drive in another system - do you want that?
The setup DVDs can be obtained for free and legal - you don't need a setup DVD to use it to the point where you do that utilman trick.
http://msft-dnl.digitalrivercontent.net/msvista/pub/X15-65740/X15-65740.iso is a link to win7 32 bit home premium as ISO file, you can use that.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Map drive based on local server 5 34
Migrating from SBS - cont 17 76
Regarding Ad Connect Users Access 5 27
exchange, active directory 4 23
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now