Solved

Forgot password to local administrator on server. If it possible to reset from domain

Posted on 2016-08-04
9
56 Views
Last Modified: 2016-08-19
I forgot the password  to local administrator on server 2012. If it possible to reset the local password when logged in to the domain administrator user?
0
Comment
Question by:Abraham Deutsch
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 41

Expert Comment

by:Adam Brown
ID: 41742922
Yes. Domain admins have Local Administrator privileges and can reset passwords on all local user accounts.
0
 
LVL 9

Expert Comment

by:RantCan
ID: 41742928
Use the "net user" command to reset the password/enable the account on the machine for which you have forgotten the local admin password.
0
 
LVL 41

Expert Comment

by:Adam Brown
ID: 41742932
Or just open the Local Users and Groups MMC and change the password there.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 31

Expert Comment

by:Scott C
ID: 41743018
Here you go:  See the bottom for 2012 specifics.

Resetting Administrator Password in Windows 2008 R2/ 2012 R2

· Boot from the Microsoft Windows Server 2008 DVD
· From the Install Windows menu, click “Next”.
· Select “Repair your computer”
· In the System Recovery Options, select the Operating System instance that you wish to repair and click “Next”.
· Select “Command Prompt”. The
· At the command prompt, run the following commands:
c:
cd windows\system32c:
ren Utilman.exe Utilman.exe.old
copy cmd.exe Utilman.exe
· Reboot the server allowing Windows to load as normal
· At the logon screen, press Windows Key + U.
· As the command prompt, enter the following command:
net user administrator Password12
This will set the password for the Administrator user to be Password12 (case sensitive).
Closing the command prompt, you should now be able to log back onto the server using the password you have provided in the last step.
Cleanup Steps
Once you have verified you can log on to the server you will have repeat the steps above and boot using the Windows Server 2008 DVD/ISO and run the command prompt again.
· Delete the newly created Utilman.exe from C:\Windows\System32
· Rename Utilman.exe.old back to Utilman.exe
You should be back up and running as if nothing ever happened.

2012 R2 Specifics
· After choosing "Repair your computer" you are asked to choose and option….click on "Troubleshoot" then choose "Command Prompt".
0
 
LVL 2

Author Comment

by:Abraham Deutsch
ID: 41743443
Did net user commend but only listed the domain user not the local [I changed the password on that user, it changed the password of the domain login not of the local)

Would you give me little more guidance where in the console I will find this option.

PS there is a work around way doing it via GPO. But prefer doing it correct way.

The way doing  it thru the installation dvd and cmd is only used a last option
0
 
LVL 41

Expert Comment

by:Adam Brown
ID: 41761793
Right click the start button, select Manage Computer, from there, you can get to the Local Users and Groups portion of the computer management console. The users listed there are the local users on the server. Change the password for the local administrator there.
0
 
LVL 2

Author Comment

by:Abraham Deutsch
ID: 41761896
See attached snapshots from MMC and computer management there is no such option.
Computer-management.JPG
MMC.JPG
0
 
LVL 41

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41761916
It's a DC...domain controllers have no local users. Are you talking about the directory services restore password?
0
 
LVL 31

Expert Comment

by:Scott C
ID: 41762340
As Adam said..it's a DC.  When you did my suggestion, you changed the password you needed to.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Here's a look at newsworthy articles and community happenings during the last month.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question