Solved

Server 2008-R2 lost password

Posted on 2016-10-30
19
69 Views
Last Modified: 2016-11-08
We have a VMWare virtual machine  running Windows  2008-R2 that is not allowing us access after it went out of the Domain; we get “The security database on the server does not have a computer account for this workstation trust relationship” when we try to login.
The problem is we lost the password for the local “Administrator” account, is there a workaround this problem (maybe by copying the machine file to another location in a different datastore? I know is a long shot but I will appreciate all the help I can get.
0
Comment
Question by:FCHCAdmin
  • 6
  • 5
  • 4
  • +3
19 Comments
 
LVL 76

Expert Comment

by:arnold
Comment Utility
There are many ways to recover from unknown password, deals with booting using Windows OS, accessing the installed OS, triggering the command window after bootup when easy access tools are invoked during logon screen. Utilman.exe launching cmd.exe instead.
0
 

Expert Comment

by:Shahab Ghosni
Comment Utility
it's simple! if your active partition is not encrypted witch i don't think it is use KON-BOOT live disk to bypass local admin password! the password is just bypassed and you need to reset it after logon! force disjoin the machine and join it again
0
 

Expert Comment

by:Janez Škrbec
Comment Utility
I believe bottom link is what you are looking for. I had the same problem and this resolved my problem.

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/
0
 
LVL 87

Expert Comment

by:rindi
Comment Utility
As it is the local admin password that you need to reset, just boot the Server from the UBCD and then select the Offline NT Password and Registry Editor tool, under HDD/Data Recovery section:


http://www.ultimatebootcd.com/download.html
0
 

Author Comment

by:FCHCAdmin
Comment Utility
Janez Škrbec; I followed all instructions in the link, I get to set the administrator password successfully but still don't let me in and now I can't delete utilman.exe or rename utilman.exe.bak to utilman.exe is denying me access.

rindi; I can't find a "offline NT Password and Registry Editor Tool" this are the options I get (see attach) please advise.
Capture.PNG
0
 

Expert Comment

by:Shahab Ghosni
Comment Utility
Dear FCHCAdmin microsoft never let you bypass it's security that easy! before causing damage to your critical files try the KON-BOOT!
http://www.piotrbania.com/all/kon-boot/
I use it all the time and as I said if your drive is not encrypted you'll bypass the admin password!
If you don't like risk of spending money download it from torrent and if successful, pay them to be fair 😊
0
 

Author Comment

by:FCHCAdmin
Comment Utility
Shahab; I followed your advice and purchased kon-boot (1 license). When I boot from the iso disk I can see to application logo but immediately put me on the login screen again with the same problem, Is there a key I need to hold during boot or something? What am I doing wrong?
0
 

Expert Comment

by:Shahab Ghosni
Comment Utility
when you are on login screen make sure your usename is your local admin and leave the password blank and press enter 😊
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
Do you have the Windows 2008 boot DVD ISO?
Attach the ISO as a cd/DVD to the VM, reboot, using the DVD as the boot medium. See get into the repair mode and rename utilman to a .bak while copying cmd.exe to utilman.exe.
Reboot using the VM, hit easy access.
0
Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 

Author Comment

by:FCHCAdmin
Comment Utility
No luck; see attach login1 and after I hit enter get attach login 2.
login.PNG
login2.PNG
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
To whom are you addressing the images?
My guidance if followed, upon bootup, hit the easy access which will bring up the command window with system level credentials.
Nothing in my guidance alters your login credentials.

In the command window you can add a local user net user, net localgroup to add the user into the administrative. Or update/change an accounts password. Note if you use EFS, a change in password would lock you out of access to those files unless you previously backed up the EFS cert/private key.
If you type in Administrator, without the prefix, does it reflect the same loginto name?
0
 
LVL 9

Expert Comment

by:Scott Silva
Comment Utility
The simplest with a machine that lost domain access is to try to login WHILE the network is disconnected... That way the cached domain creds' might work... Although it might be too late for this after the hacking around you did...  

But worth a try... On a VM you disable its virt. net adapter...
0
 

Author Comment

by:FCHCAdmin
Comment Utility
Shahab: I just find out that this server is a Domain Controller and you can't create a local user account, will KON-BOOT work anyway?

Arnold: I tried your suggestion already and I got the dos screen and al the commands ran well but still does not let me in. Is the fact that this is a DC a problem?

Scott: I tried your suggestion already but no luck. I will try again in about an hour and I will keep you posted.
0
 
LVL 9

Expert Comment

by:Scott Silva
Comment Utility
sorry... Mine won't work on a DC since it looks locally for credentials...
0
 

Expert Comment

by:Shahab Ghosni
Comment Utility
I never used it a DC but DCs have local admins as well! let me have a quick test and give you a feedback!
0
 
LVL 76

Expert Comment

by:arnold
Comment Utility
The Dos prompt lets you set local user credentials, on a DC the local and DC AD are one and the same, unless you boot the system in AD domain controller recovery mode.

I am lost here, did you lose access to a VM member server or a DC? Create a new account, once you create a new account that is a member of the domain admins group, are you able to login?

You are posting image that effectively mean nothing to me, it would be the same if I post and image with login credential
somename\someuser
and the image of a login failed event,

Do you have more than ONE DC in the environment?

Does this VM have any significant other function? Did you revert the snapshot on this DC restore from a Backup?
Since Attempts have been made, the off network access attempt is not possible. Also, if network is not available on the DC, I do not believe credential caching is an option given the DC has the data ...


Post the commands you ran in the dos window

net user /domain:domain newuser *
enter the password
net group "domain admins" newuser

the error you posted deals with password mismatch.......
0
 

Author Comment

by:FCHCAdmin
Comment Utility
Arnold: The server is a DC it is one of 4 that we have. I tried to get in with my Domain Administrator credentials but I get the same result, I didn’t revert the snapshot I did boot up with the windows 2008 r2 image (Server is a VMware machine) and followed the instructions at this website:

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/. I believe that’s your suggestion, I tried it and again same result please let me know if you think this is not correct and I thank you for your follow-up.
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
Comment Utility
as noted, I suggest you create a separate login while disconnecting the VM from the network as was suggested before.
Run dcdiag on the working DCs. Trying to update the admin account that works everywhere else make you risk blocking yourself out of the others should the AD replication kick in.
Other than dcdiag, test repladm /showrep

If this VM is only a DC, that has no master roles, and no functions that are unique to it, rebuilding the VM might be a faster, better approach. Upon install, you can rejoin the newly reformatted/reinstalled into the AD as another DC.

On a dc, why do you pregix the username with a name, presumably the AD donain name?

can you try loging in with Administrator and the corresponding password?
0
 

Author Closing Comment

by:FCHCAdmin
Comment Utility
I rebuild the machine; thanks for your help Arnold and everybody
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Last article we focus in how to VMware: How to create and use VMs TAGs – Part 1 so before follow this article and perform the next tasks, you should read the first article how to create the TAG before using them in Veeam Backup Jobs.
HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial walks you through using a remote console to access a server and install ESXi 5.1. This example is showing remote access and installation using a Dell server. The hypervisor is the very first component of your virtual infrastructu…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now