Solved

Server 2008-R2 lost password

Posted on 2016-10-30
19
98 Views
Last Modified: 2016-11-08
We have a VMWare virtual machine  running Windows  2008-R2 that is not allowing us access after it went out of the Domain; we get “The security database on the server does not have a computer account for this workstation trust relationship” when we try to login.
The problem is we lost the password for the local “Administrator” account, is there a workaround this problem (maybe by copying the machine file to another location in a different datastore? I know is a long shot but I will appreciate all the help I can get.
0
Comment
Question by:FCHCAdmin
  • 6
  • 5
  • 4
  • +3
19 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 41866079
There are many ways to recover from unknown password, deals with booting using Windows OS, accessing the installed OS, triggering the command window after bootup when easy access tools are invoked during logon screen. Utilman.exe launching cmd.exe instead.
0
 

Expert Comment

by:Shahab Ghosni
ID: 41866081
it's simple! if your active partition is not encrypted witch i don't think it is use KON-BOOT live disk to bypass local admin password! the password is just bypassed and you need to reset it after logon! force disjoin the machine and join it again
0
 

Expert Comment

by:Janez Škrbec
ID: 41866082
I believe bottom link is what you are looking for. I had the same problem and this resolved my problem.

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 88

Expert Comment

by:rindi
ID: 41866093
As it is the local admin password that you need to reset, just boot the Server from the UBCD and then select the Offline NT Password and Registry Editor tool, under HDD/Data Recovery section:


http://www.ultimatebootcd.com/download.html
0
 

Author Comment

by:FCHCAdmin
ID: 41866310
Janez Škrbec; I followed all instructions in the link, I get to set the administrator password successfully but still don't let me in and now I can't delete utilman.exe or rename utilman.exe.bak to utilman.exe is denying me access.

rindi; I can't find a "offline NT Password and Registry Editor Tool" this are the options I get (see attach) please advise.
Capture.PNG
0
 

Expert Comment

by:Shahab Ghosni
ID: 41866341
Dear FCHCAdmin microsoft never let you bypass it's security that easy! before causing damage to your critical files try the KON-BOOT!
http://www.piotrbania.com/all/kon-boot/
I use it all the time and as I said if your drive is not encrypted you'll bypass the admin password!
If you don't like risk of spending money download it from torrent and if successful, pay them to be fair 😊
0
 

Author Comment

by:FCHCAdmin
ID: 41866411
Shahab; I followed your advice and purchased kon-boot (1 license). When I boot from the iso disk I can see to application logo but immediately put me on the login screen again with the same problem, Is there a key I need to hold during boot or something? What am I doing wrong?
0
 

Expert Comment

by:Shahab Ghosni
ID: 41866416
when you are on login screen make sure your usename is your local admin and leave the password blank and press enter 😊
0
 
LVL 77

Expert Comment

by:arnold
ID: 41866418
Do you have the Windows 2008 boot DVD ISO?
Attach the ISO as a cd/DVD to the VM, reboot, using the DVD as the boot medium. See get into the repair mode and rename utilman to a .bak while copying cmd.exe to utilman.exe.
Reboot using the VM, hit easy access.
0
 

Author Comment

by:FCHCAdmin
ID: 41866421
No luck; see attach login1 and after I hit enter get attach login 2.
login.PNG
login2.PNG
0
 
LVL 77

Expert Comment

by:arnold
ID: 41867159
To whom are you addressing the images?
My guidance if followed, upon bootup, hit the easy access which will bring up the command window with system level credentials.
Nothing in my guidance alters your login credentials.

In the command window you can add a local user net user, net localgroup to add the user into the administrative. Or update/change an accounts password. Note if you use EFS, a change in password would lock you out of access to those files unless you previously backed up the EFS cert/private key.
If you type in Administrator, without the prefix, does it reflect the same loginto name?
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41867293
The simplest with a machine that lost domain access is to try to login WHILE the network is disconnected... That way the cached domain creds' might work... Although it might be too late for this after the hacking around you did...  

But worth a try... On a VM you disable its virt. net adapter...
0
 

Author Comment

by:FCHCAdmin
ID: 41867341
Shahab: I just find out that this server is a Domain Controller and you can't create a local user account, will KON-BOOT work anyway?

Arnold: I tried your suggestion already and I got the dos screen and al the commands ran well but still does not let me in. Is the fact that this is a DC a problem?

Scott: I tried your suggestion already but no luck. I will try again in about an hour and I will keep you posted.
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41867535
sorry... Mine won't work on a DC since it looks locally for credentials...
0
 

Expert Comment

by:Shahab Ghosni
ID: 41867544
I never used it a DC but DCs have local admins as well! let me have a quick test and give you a feedback!
0
 
LVL 77

Expert Comment

by:arnold
ID: 41867764
The Dos prompt lets you set local user credentials, on a DC the local and DC AD are one and the same, unless you boot the system in AD domain controller recovery mode.

I am lost here, did you lose access to a VM member server or a DC? Create a new account, once you create a new account that is a member of the domain admins group, are you able to login?

You are posting image that effectively mean nothing to me, it would be the same if I post and image with login credential
somename\someuser
and the image of a login failed event,

Do you have more than ONE DC in the environment?

Does this VM have any significant other function? Did you revert the snapshot on this DC restore from a Backup?
Since Attempts have been made, the off network access attempt is not possible. Also, if network is not available on the DC, I do not believe credential caching is an option given the DC has the data ...


Post the commands you ran in the dos window

net user /domain:domain newuser *
enter the password
net group "domain admins" newuser

the error you posted deals with password mismatch.......
0
 

Author Comment

by:FCHCAdmin
ID: 41867853
Arnold: The server is a DC it is one of 4 that we have. I tried to get in with my Domain Administrator credentials but I get the same result, I didn’t revert the snapshot I did boot up with the windows 2008 r2 image (Server is a VMware machine) and followed the instructions at this website:

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/. I believe that’s your suggestion, I tried it and again same result please let me know if you think this is not correct and I thank you for your follow-up.
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 41867931
as noted, I suggest you create a separate login while disconnecting the VM from the network as was suggested before.
Run dcdiag on the working DCs. Trying to update the admin account that works everywhere else make you risk blocking yourself out of the others should the AD replication kick in.
Other than dcdiag, test repladm /showrep

If this VM is only a DC, that has no master roles, and no functions that are unique to it, rebuilding the VM might be a faster, better approach. Upon install, you can rejoin the newly reformatted/reinstalled into the AD as another DC.

On a dc, why do you pregix the username with a name, presumably the AD donain name?

can you try loging in with Administrator and the corresponding password?
0
 

Author Closing Comment

by:FCHCAdmin
ID: 41879767
I rebuild the machine; thanks for your help Arnold and everybody
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last article we focus in how to VMware: How to create and use VMs TAGs – Part 1 so before follow this article and perform the next tasks, you should read the first article how to create the TAG before using them in Veeam Backup Jobs.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now