Recover Admin Domain Controller password on Windows 2003 Server

In recent times, we have received a lot of questions from system administrators who are managing Windows Server 2003 Domain Controllers. They have lost their login password to DC 2003 to take full control. Active Directory Domain 2003 set of operations. Unfortunately, this can happen when Admin periodically changes new passwords to further enhance system safety, but unfortunately for some reason, they forgot your new password. As a result, they no longer log on to their Domain Controller, and they don't create any backup admin account backup for forgetting this password .

Some of the tips and tools that have been published help reset Domain Admin Password on Windows 2000 Server without any effect on Windows 2003 Server. The reason, Microsoft has adopted all aspects of security features on Windows 2003 Server, and these tricks have become useless.

Here we present how to reset Domin Admin AdminPassword. And before you proceed with it, pay close attention to all the mandatory requirements below:

Disclaimer: This guide is only for the Admin to correct the problem caused by himself. The document does not serve any intentions to infiltrate the system!

Required requirements:

You need to meet the following requirements:

1 / Local access-access to Domain Controller server (DC).

2 / Obtain Local Administrator password (this is the Active Directory Restore mode password you set up during the process of upgrading a Server 2003 to Domain Controller 2003, this password is completely different from the password that controls the operation of the DC server and Domain-password that you forgot).

3 / There are 2 tools provided by Microsoft in the Resource Kit: SRVANY and INSTSRV. Download here here. (http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&DisplayLang=en)

All these steps are done on a domain with a Domain Controller 2003 server. If your domain has multiple DCs, you can choose any Domain Controller to perform.

Proceed :

1. Restart Windows 2003 DC in Directory Restory Service Mode.

Restart the computer, at the time of startup, press F8 and select Directory Restore Service Mode. When entering this mode, Active Directory operation will be disabled.

When the login screen appears, log in with the Local Administrator account. And you have full access to this Local Computer but can't interfere with any issues in Active Directory.

Picture 1 of Recover Admin Domain Controller password on Windows 2003 Server

2 Install SRVANY.

This utility runs Windows NT Service. The interesting thing here is that the program will have SYSTEM privileges (s). And this is necessary to reset the Domain Admin password. You will configure SRVANY to start the command prompt (will help you run net user commands).

Copy SRVANY and INSTSRV into a temporary folder, for example d: temp . Also Copy cmd.exe to this folder (cmd.exe is just a command prompt, usually in% WINDIR% System32, for example: C: WindowsSystem32).

Picture 2 of Recover Admin Domain Controller password on Windows 2003 Server

Click cmd.exe to start the command prompt, type Cd D: temp press Enter, Type the command instsrv PassRecovery "d: tempsrvany.exe" press Enter.

Picture 3 of Recover Admin Domain Controller password on Windows 2003 Server

Configure SRVANY.

At Run, type regedit , open Registry Editor and locate the Key
HKEY_LOCAL_MACHINESystemCurrentControlSetServicesPassRecovery

Right-click the PassRecovery key and create a Parameters Key and add new 2 values ​​as follows:

name: Application
type: REG_SZ (string)
value: d: tempcmd.exe

name: AppParameters
type: REG_SZ (string)
value: / k net user administrator new_password

Picture 4 of Recover Admin Domain Controller password on Windows 2003 Server

Be careful: 'net user username password ' is the command line to set a new password . Replace new_password with the actual password you want to set. Keep in mind that some policies of domain- domain policies may require you to set up complex passwords, so you must set a complex password that usually includes uppercase, lowercase letters, numbers and special characters. special, for example: p @ ssW0rd! # $

Next in Run, type Services.msc command or go to Control Panel -> Administrative ToolsServices will open the operating services control panel on the system. Find the Service named PassRecovery , right-click select the property tab. Check that start mode must be Automatic .

Picture 5 of Recover Admin Domain Controller password on Windows 2003 Server

Open Log On tab and check the Allow service to interact with desktop option .

Picture 6 of Recover Admin Domain Controller password on Windows 2003 Server

At this point, you can restart Windows, and SRVANY will run the netuser command to reset the domain admin password.

3. Restart Windows in normal mode -normal mode

Wait for the login screen to appear. You will not notice the command prompt appears when executing the net user command. But don't worry, the command is still executed inside the -background system.

Log on with the Administrator account, the password you just set up above. The system will grant you full access. If not, go back to step 2 and make sure you don't forget the new password that has been set or incorrectly set the other values.

When the desktop appears, you will see a command prompt. The command prompt is started by SRVANY.

Picture 7 of Recover Admin Domain Controller password on Windows 2003 Server

Now that the goal has been achieved, proceed to remove SRVANY:

Execute the command:

net stop PassRecovery
sc delete PassRecovery

Delete next folder d: temp created. Finished!

Ho Viet Ha - Network Information Security Vietnam.
http://nis.com.vn
Email: networksecurity@Nis.com.vn