Server 2008-R2 lost password

We have a VMWare virtual machine  running Windows  2008-R2 that is not allowing us access after it went out of the Domain; we get “The security database on the server does not have a computer account for this workstation trust relationship” when we try to login.
The problem is we lost the password for the local “Administrator” account, is there a workaround this problem (maybe by copying the machine file to another location in a different datastore? I know is a long shot but I will appreciate all the help I can get.
FCHCAdminAsked:
Who is Participating?
 
arnoldCommented:
as noted, I suggest you create a separate login while disconnecting the VM from the network as was suggested before.
Run dcdiag on the working DCs. Trying to update the admin account that works everywhere else make you risk blocking yourself out of the others should the AD replication kick in.
Other than dcdiag, test repladm /showrep

If this VM is only a DC, that has no master roles, and no functions that are unique to it, rebuilding the VM might be a faster, better approach. Upon install, you can rejoin the newly reformatted/reinstalled into the AD as another DC.

On a dc, why do you pregix the username with a name, presumably the AD donain name?

can you try loging in with Administrator and the corresponding password?
0
 
arnoldCommented:
There are many ways to recover from unknown password, deals with booting using Windows OS, accessing the installed OS, triggering the command window after bootup when easy access tools are invoked during logon screen. Utilman.exe launching cmd.exe instead.
0
 
Shahab GhosniNetwork Infrastructure EngineerCommented:
it's simple! if your active partition is not encrypted witch i don't think it is use KON-BOOT live disk to bypass local admin password! the password is just bypassed and you need to reset it after logon! force disjoin the machine and join it again
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Janez ŠkrbecCommented:
I believe bottom link is what you are looking for. I had the same problem and this resolved my problem.

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/
0
 
rindiCommented:
As it is the local admin password that you need to reset, just boot the Server from the UBCD and then select the Offline NT Password and Registry Editor tool, under HDD/Data Recovery section:


http://www.ultimatebootcd.com/download.html
0
 
FCHCAdminAuthor Commented:
Janez Škrbec; I followed all instructions in the link, I get to set the administrator password successfully but still don't let me in and now I can't delete utilman.exe or rename utilman.exe.bak to utilman.exe is denying me access.

rindi; I can't find a "offline NT Password and Registry Editor Tool" this are the options I get (see attach) please advise.
Capture.PNG
0
 
Shahab GhosniNetwork Infrastructure EngineerCommented:
Dear FCHCAdmin microsoft never let you bypass it's security that easy! before causing damage to your critical files try the KON-BOOT!
http://www.piotrbania.com/all/kon-boot/
I use it all the time and as I said if your drive is not encrypted you'll bypass the admin password!
If you don't like risk of spending money download it from torrent and if successful, pay them to be fair 😊
0
 
FCHCAdminAuthor Commented:
Shahab; I followed your advice and purchased kon-boot (1 license). When I boot from the iso disk I can see to application logo but immediately put me on the login screen again with the same problem, Is there a key I need to hold during boot or something? What am I doing wrong?
0
 
Shahab GhosniNetwork Infrastructure EngineerCommented:
when you are on login screen make sure your usename is your local admin and leave the password blank and press enter 😊
0
 
arnoldCommented:
Do you have the Windows 2008 boot DVD ISO?
Attach the ISO as a cd/DVD to the VM, reboot, using the DVD as the boot medium. See get into the repair mode and rename utilman to a .bak while copying cmd.exe to utilman.exe.
Reboot using the VM, hit easy access.
0
 
FCHCAdminAuthor Commented:
No luck; see attach login1 and after I hit enter get attach login 2.
login.PNG
login2.PNG
0
 
arnoldCommented:
To whom are you addressing the images?
My guidance if followed, upon bootup, hit the easy access which will bring up the command window with system level credentials.
Nothing in my guidance alters your login credentials.

In the command window you can add a local user net user, net localgroup to add the user into the administrative. Or update/change an accounts password. Note if you use EFS, a change in password would lock you out of access to those files unless you previously backed up the EFS cert/private key.
If you type in Administrator, without the prefix, does it reflect the same loginto name?
0
 
Scott SilvaNetwork AdministratorCommented:
The simplest with a machine that lost domain access is to try to login WHILE the network is disconnected... That way the cached domain creds' might work... Although it might be too late for this after the hacking around you did...  

But worth a try... On a VM you disable its virt. net adapter...
0
 
FCHCAdminAuthor Commented:
Shahab: I just find out that this server is a Domain Controller and you can't create a local user account, will KON-BOOT work anyway?

Arnold: I tried your suggestion already and I got the dos screen and al the commands ran well but still does not let me in. Is the fact that this is a DC a problem?

Scott: I tried your suggestion already but no luck. I will try again in about an hour and I will keep you posted.
0
 
Scott SilvaNetwork AdministratorCommented:
sorry... Mine won't work on a DC since it looks locally for credentials...
0
 
Shahab GhosniNetwork Infrastructure EngineerCommented:
I never used it a DC but DCs have local admins as well! let me have a quick test and give you a feedback!
0
 
arnoldCommented:
The Dos prompt lets you set local user credentials, on a DC the local and DC AD are one and the same, unless you boot the system in AD domain controller recovery mode.

I am lost here, did you lose access to a VM member server or a DC? Create a new account, once you create a new account that is a member of the domain admins group, are you able to login?

You are posting image that effectively mean nothing to me, it would be the same if I post and image with login credential
somename\someuser
and the image of a login failed event,

Do you have more than ONE DC in the environment?

Does this VM have any significant other function? Did you revert the snapshot on this DC restore from a Backup?
Since Attempts have been made, the off network access attempt is not possible. Also, if network is not available on the DC, I do not believe credential caching is an option given the DC has the data ...


Post the commands you ran in the dos window

net user /domain:domain newuser *
enter the password
net group "domain admins" newuser

the error you posted deals with password mismatch.......
0
 
FCHCAdminAuthor Commented:
Arnold: The server is a DC it is one of 4 that we have. I tried to get in with my Domain Administrator credentials but I get the same result, I didn’t revert the snapshot I did boot up with the windows 2008 r2 image (Server is a VMware machine) and followed the instructions at this website:

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/. I believe that’s your suggestion, I tried it and again same result please let me know if you think this is not correct and I thank you for your follow-up.
0
 
FCHCAdminAuthor Commented:
I rebuild the machine; thanks for your help Arnold and everybody
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.