Tuesday, June 5, 2007

Active Directory password retrieval


How do I crack Active Directory passwords that are stored as hashes in the registry?

I don't want to crack passwords that are in the SAM; that I already know how to do. I want the ones on the AD domain controller.

2 comments:

TheGeek said...

Reboot, hit F8, and enter "Directory Service Recovery Mode". The machine will boot up as a standalone server without any Active Directory support.

When the login screen appears, hit CTRL-ALT-DEL and log in as "Administrator" with no password. This is the MACHINE Administrator account, and does not have the ability to modify anything specific involving the Active Directory information, although it can backup and restore the physical files which contain the AD databases.

Run "regedit". Navigate to HKEY_USERS\.Default\Control Panel\Desktop and change the following values:
Value               Original         Change to
SCRNSAVE.EXE        logon.scr        cmd.exe
ScreenSaveTimeout   900              15
ScreenSaveActive    May be 0 or 1    1

Reboot normally. When the box appears asking you to hit CTRL-ALT-DEL to log in, just wait. After 15-30 seconds you will see a command prompt appear (since that is the screensaver.)

In the command prompt, type the following command:
C:\WINNT\system32> MMC DSA.MSC

This should bring up the management console where you can edit users' passwords, including the password for the Administrator account. If you type this command and it doesn't work, wait 30 seconds and try it again. This happened to me, it sounded like it was still in the process of loading drivers into memory in the background...

If this doesn't work after waiting the 30 seconds... realize that THIS IS A COMMAND PROMPT WITH FULL DOMAIN ADMINISTRATOR RIGHTS, and you're running a command ("MMC.EXE") with another filename ("DSA.MSC") as an argument. If it "just plain doesn't work", maybe you need to locate these two files and type them in as full path names. Maybe something like "C:\WINNT\SYSTEM32\MMC.EXE C:\WINNT\SYSTEM32\DSA.MSC".

If you know absolutely nothing about how to use a command line, then reboot into DSR Mode, log in as Administrator, and use the graphical "Find Files" thingy to find the files, and write down their locations. Then try it again (reboot and wait for the command line).

After resetting the Administrator password, exit the management console and type the command EXIT in the command prompt window.

Hit CTRL-ALT-DEL and log into the DOMAIN Administrator account using the new password!

Don't forget to undo the changes you made to the registry, or you will always have a command prompt with Domain Administrator rights appear whenever somebody logs out.
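A defender's audit check for the registry change described in the comment above, added here as an example and not part of the original post. It reads the logon-desktop screensaver values under HKEY_USERS\.DEFAULT (which run in the privileged logon session before anyone signs in) and flags a screensaver that is not a .scr file, one that points at an interactive program, or an unusually short timeout; the 60-second threshold and the list of flagged program names are assumptions.

```powershell
# Added audit script; not from the original post. Run elevated on the
# domain controller (wrap in Invoke-Command for remote collection).

$Key = 'Registry::HKEY_USERS\.DEFAULT\Control Panel\Desktop'

function Test-LogonScreensaver {
    param([string]$Path = $Key)

    $v       = Get-ItemProperty -Path $Path -ErrorAction Stop
    $exe     = [string]$v.'SCRNSAVE.EXE'
    $timeout = [int]$v.ScreenSaveTimeout
    $active  = [string]$v.ScreenSaveActive

    $findings = @()

    # Expected value is a *.scr file (logon.scr on the Windows version above).
    if ($exe -and ($exe -notmatch '(?i)\.scr$')) {
        $findings += "SCRNSAVE.EXE is '$exe' (not a .scr screensaver)"
    }

    # A shell or script host as the logon screensaver is the pattern the
    # comment describes; the name list here is an assumption, extend as needed.
    if ($exe -match '(?i)\b(cmd|powershell|wscript|cscript|explorer)\.exe') {
        $findings += "SCRNSAVE.EXE points at an interactive program: '$exe'"
    }

    # The comment lowers the timeout to 15 s; default values are in the hundreds.
    if ($active -eq '1' -and $timeout -gt 0 -and $timeout -lt 60) {
        $findings += "ScreenSaveTimeout is $timeout s (unusually short)"
    }

    [pscustomobject]@{
        Computer    = $env:COMPUTERNAME
        Screensaver = $exe
        Timeout     = $timeout
        Active      = $active
        Suspicious  = ($findings.Count -gt 0)
        Findings    = $findings
    }
}

Test-LogonScreensaver | Format-List
```

If the check fires, restore the three values to their originals and review who had console or boot access to the server; the procedure above also relies on the separate Directory Services Restore Mode Administrator password, which should never be blank.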

TheGeek said...

Yes this is correct.