Link to home
Start Free TrialLog in
Avatar of shamnadismail .
shamnadismail .

asked on

AD Admin Password

How to recover  AD  Enterprise Admin Password in Windows 2012 R2 as the admin left the company and he is claiming he forget it. 
Avatar of M A
M A
Flag of United States of America image
This is for 2008/win10 but the same can be used for 2012 as well. Just follow 2008 steps.
https://www.experts-exchange.com/articles/9832/Recover-lost-administrator-password-in-windows-2008-Windows-7.html
I will summarize the steps.
  1. Boot  the Server with 2012 installation media or any other WinPE boot media.
  2. Open a command prompt.
  3. Navigate to system 32 by this command cd c:\windows\system32. It could be D drive as well. You can check the drive using the command dir. If you see Windows folder get that drive letter replace with the drive letter in the above command.
  4. Rename the utilman using this command. move  utilman.exe  utilman.exe.bak
  5. Copy the cmd using the following command copy  cmd.exe  utilman.exe 
  6. Start the domain controller again.
  7. At the login screen, press Windows + U or click the "Easy of Access" button.
  8. User generated image
  9. Type command net user administrator P@ssw0rd123
  10. Exit the command prompt, and login with the new password P@ssw0rd123.

ASKER CERTIFIED SOLUTION
Avatar of Hello There
Hello There
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of shamnadismail .
shamnadismail .

ASKER

Basically I want to know the configured Password as there is some EFS volumes exists, can you recommend a good third party solution



Avatar of Hello There
Hello There
I don't believe you can get the current password this way. The former admin has to recall otherwise your only option is resetting the password.

You might attempt to get it from hash but I cannot confirm you will succeed.
https://stealthbits.com/blog/extracting-password-hashes-from-the-ntds-dit-file/
Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image
If you need to recover the password and not just reset it, you're looking at hacking the password.  Depending on the complexity and length of the password, this could take years.  You can try certain "hacking" methods, but there are no guarantees with any of them.  There may not be an effective answer that lets you recover the data without the correct password in any realistic amount of time.
Avatar of Jeff Glover
Jeff Glover
Flag of United States of America image
Is this the only Domain Admin you have? I realize you asked for Enterprise Admin but if you have a domain admin account in the root domain (if you have multiple domains), he or she can reset the password of the Enterprise admin