We help IT Professionals succeed at work.

Server 2008 R2 Local Administrator Account cannot change properties

Hello,

I have just installed Server 2008R2 on a test server which all went as normal. However, after doing windows updates, changing the name of the machine and rebooting the local administrator password did not work.

I used a password reset tool to reset this password but now the Administrator account seems to be disassociated in some way from he install.  I can change the password properties for the local administrator and log in and log out without any problem but when the system is rebooted any properties set on the Administrator account are lost and do not persist (this includes password, enable etc.)

Any ideas would be much appreciated. This is something I never come across in many 2008R2 installs and has me baffled.

Thanks.
Comment
Watch Question

Distinguished Expert 2019

Commented:
The local administator I think gets disabled, best to install/add a separate account to function as admin.
WORKS2011Managed IT Services, Cyber Security, Backup

Commented:
I used a password reset tool to reset this password
what password reset tool did you use? If the tool made the change via the registry I would suggest it's something in the tool. Why did you use a tool and not reset it yourself?
WORKS2011Managed IT Services, Cyber Security, Backup

Commented:
I would be concerned the problem you're experiencing may be the beginning of something else. The other side of your situation is the local administrator account is often disabled for security reasons.
kevinhsiehNetwork Engineer

Commented:
Is this machine part of a domain? I have group policies that change the local administrator password. Maybe you have the same thing going on.
Top Expert 2014

Commented:
If you can log in and out, why not create another account you can use?

Author

Commented:
Hi all, thanks for the comments. The machine is a new install and not part of a domain. I can login and create another administrator account which is fine for now but this seemed a very odd problem. I used a password reset tool as it is something that was available to me. I believe it just uses a winpe boot and net user commands the tool is by Spower. I think I am just going to re install as I don't really trust it. Thanks was looking for a possible quick fix.
Leon FesterSenior Solutions Architect

Commented:
Do you have Antivirus software on all of the computers on your LAN.
The administrator password change is a symptom of Conflicker virus but I always thought that only affected domain connected PC's.

Any kind of 'strange' behaviour on an Administrator account would warrant a little deeper investigation.

I wouldn't rely on just wiping this machine if the infection spread from another PC because the next time you re-install the server you could get the same issue again.
Check your installation media, hopefully you got your installer from an Microsoft site or disk and not from a torrent.
Even a mapped drive to an infected computer could re-infect your server.
Thanks All. I am going to reinstall the machine as this is the safest solution. Thanks for help anyway.

Author

Commented:
No Solution found