I have a Windows 2016 Server (Standard). A former employee changed the Administrator password and no one knows what it is. I have tried different password hacking programs and cant access the SAM file. (password reset and top-password) I tried a hack changing the Utilman program and logging on with a DOS prompt, but that didn't work either. Unfortunately, this server is a secondary domain controller and when the password was changed, it propagated to the primary DC and it changed there too.
I have a domain admin login that allows me to log in, but when I got to AD to try to reset the Administrator password I get this error:
"The snap-in below, referenced in this document, has been restricted by policy". I cant get in AD, and I cant get into group policy to make changes either.
Does anyone have any suggestions on how i can reset the Administrator password?