Solved

Server 2008-R2 lost password

Posted on 2016-10-30
19
134 Views
Last Modified: 2016-11-08
We have a VMWare virtual machine  running Windows  2008-R2 that is not allowing us access after it went out of the Domain; we get “The security database on the server does not have a computer account for this workstation trust relationship” when we try to login.
The problem is we lost the password for the local “Administrator” account, is there a workaround this problem (maybe by copying the machine file to another location in a different datastore? I know is a long shot but I will appreciate all the help I can get.
0
Comment
Question by:FCHCAdmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 4
  • +3
19 Comments
 
LVL 79

Expert Comment

by:arnold
ID: 41866079
There are many ways to recover from unknown password, deals with booting using Windows OS, accessing the installed OS, triggering the command window after bootup when easy access tools are invoked during logon screen. Utilman.exe launching cmd.exe instead.
0
 

Expert Comment

by:Shahab Ghosni
ID: 41866081
it's simple! if your active partition is not encrypted witch i don't think it is use KON-BOOT live disk to bypass local admin password! the password is just bypassed and you need to reset it after logon! force disjoin the machine and join it again
0
 

Expert Comment

by:Janez Škrbec
ID: 41866082
I believe bottom link is what you are looking for. I had the same problem and this resolved my problem.

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 88

Expert Comment

by:rindi
ID: 41866093
As it is the local admin password that you need to reset, just boot the Server from the UBCD and then select the Offline NT Password and Registry Editor tool, under HDD/Data Recovery section:


http://www.ultimatebootcd.com/download.html
0
 

Author Comment

by:FCHCAdmin
ID: 41866310
Janez Škrbec; I followed all instructions in the link, I get to set the administrator password successfully but still don't let me in and now I can't delete utilman.exe or rename utilman.exe.bak to utilman.exe is denying me access.

rindi; I can't find a "offline NT Password and Registry Editor Tool" this are the options I get (see attach) please advise.
Capture.PNG
0
 

Expert Comment

by:Shahab Ghosni
ID: 41866341
Dear FCHCAdmin microsoft never let you bypass it's security that easy! before causing damage to your critical files try the KON-BOOT!
http://www.piotrbania.com/all/kon-boot/
I use it all the time and as I said if your drive is not encrypted you'll bypass the admin password!
If you don't like risk of spending money download it from torrent and if successful, pay them to be fair 😊
0
 

Author Comment

by:FCHCAdmin
ID: 41866411
Shahab; I followed your advice and purchased kon-boot (1 license). When I boot from the iso disk I can see to application logo but immediately put me on the login screen again with the same problem, Is there a key I need to hold during boot or something? What am I doing wrong?
0
 

Expert Comment

by:Shahab Ghosni
ID: 41866416
when you are on login screen make sure your usename is your local admin and leave the password blank and press enter 😊
0
 
LVL 79

Expert Comment

by:arnold
ID: 41866418
Do you have the Windows 2008 boot DVD ISO?
Attach the ISO as a cd/DVD to the VM, reboot, using the DVD as the boot medium. See get into the repair mode and rename utilman to a .bak while copying cmd.exe to utilman.exe.
Reboot using the VM, hit easy access.
0
 

Author Comment

by:FCHCAdmin
ID: 41866421
No luck; see attach login1 and after I hit enter get attach login 2.
login.PNG
login2.PNG
0
 
LVL 79

Expert Comment

by:arnold
ID: 41867159
To whom are you addressing the images?
My guidance if followed, upon bootup, hit the easy access which will bring up the command window with system level credentials.
Nothing in my guidance alters your login credentials.

In the command window you can add a local user net user, net localgroup to add the user into the administrative. Or update/change an accounts password. Note if you use EFS, a change in password would lock you out of access to those files unless you previously backed up the EFS cert/private key.
If you type in Administrator, without the prefix, does it reflect the same loginto name?
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41867293
The simplest with a machine that lost domain access is to try to login WHILE the network is disconnected... That way the cached domain creds' might work... Although it might be too late for this after the hacking around you did...  

But worth a try... On a VM you disable its virt. net adapter...
0
 

Author Comment

by:FCHCAdmin
ID: 41867341
Shahab: I just find out that this server is a Domain Controller and you can't create a local user account, will KON-BOOT work anyway?

Arnold: I tried your suggestion already and I got the dos screen and al the commands ran well but still does not let me in. Is the fact that this is a DC a problem?

Scott: I tried your suggestion already but no luck. I will try again in about an hour and I will keep you posted.
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41867535
sorry... Mine won't work on a DC since it looks locally for credentials...
0
 

Expert Comment

by:Shahab Ghosni
ID: 41867544
I never used it a DC but DCs have local admins as well! let me have a quick test and give you a feedback!
0
 
LVL 79

Expert Comment

by:arnold
ID: 41867764
The Dos prompt lets you set local user credentials, on a DC the local and DC AD are one and the same, unless you boot the system in AD domain controller recovery mode.

I am lost here, did you lose access to a VM member server or a DC? Create a new account, once you create a new account that is a member of the domain admins group, are you able to login?

You are posting image that effectively mean nothing to me, it would be the same if I post and image with login credential
somename\someuser
and the image of a login failed event,

Do you have more than ONE DC in the environment?

Does this VM have any significant other function? Did you revert the snapshot on this DC restore from a Backup?
Since Attempts have been made, the off network access attempt is not possible. Also, if network is not available on the DC, I do not believe credential caching is an option given the DC has the data ...


Post the commands you ran in the dos window

net user /domain:domain newuser *
enter the password
net group "domain admins" newuser

the error you posted deals with password mismatch.......
0
 

Author Comment

by:FCHCAdmin
ID: 41867853
Arnold: The server is a DC it is one of 4 that we have. I tried to get in with my Domain Administrator credentials but I get the same result, I didn’t revert the snapshot I did boot up with the windows 2008 r2 image (Server is a VMware machine) and followed the instructions at this website:

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/. I believe that’s your suggestion, I tried it and again same result please let me know if you think this is not correct and I thank you for your follow-up.
0
 
LVL 79

Accepted Solution

by:
arnold earned 500 total points
ID: 41867931
as noted, I suggest you create a separate login while disconnecting the VM from the network as was suggested before.
Run dcdiag on the working DCs. Trying to update the admin account that works everywhere else make you risk blocking yourself out of the others should the AD replication kick in.
Other than dcdiag, test repladm /showrep

If this VM is only a DC, that has no master roles, and no functions that are unique to it, rebuilding the VM might be a faster, better approach. Upon install, you can rejoin the newly reformatted/reinstalled into the AD as another DC.

On a dc, why do you pregix the username with a name, presumably the AD donain name?

can you try loging in with Administrator and the corresponding password?
0
 

Author Closing Comment

by:FCHCAdmin
ID: 41879767
I rebuild the machine; thanks for your help Arnold and everybody
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question