Saturday, May 30, 2009

Recover windows 2003 Active Directory admin credentials

Hmm, ever wondered what will happen if you forget admin credentials that too of win2k3 server that serves your organization? Silly it shouldn't happen at all, but what if it happens?

I was facing a similar issue few days back. It is like confirmation of my short memory. I forgot the password... :-(


Recovery process is little tricky. Machine password is different and windows 2003 AD administrator password is different (or stored differently..).

If you are the genuine owner and really lost password, here is the solution (compiled from Internet and it worked for me).

1. If you know the local admin credentials, good you can move to step 3

2. If not
a. Download the cd080802.zip
b. Unzip the file, it contains ISO image, burn it into CD. (If you are a VMWare or other virtual software user, then just point your vm image CD drive to this ISO image).
c. using BIOS settings, make sure your CD drive is the first boot device.
d. Restart your system.
e. Follow the instructions (system boots from the recovery CD image). and reset password or make it blank.
f. If your win2k3 system is not an AD, you are done now. remove the CD/iso image and restart your system.
g. If your win2k3 system is domain controller then, you are not done, read the step 3.


3. While restarting your system, keep on pressing F8, it will take you to boot options of windows 2003. In case if you are using vmware and if you miss to avail F8 (because of the delay in getting the vmware window opened) try setting the following option.





Set the option "Enter the BIOS setup screen the next time this virtual machine boots". So that you can relax and find the BIOS setup screen. Now just press F10 to exit from there to start the OS. Yes you have to keep pressing F8. It works.

4. Follow the instructions as given in this web page by Seb.

let me reproduce the summary here.
a. From boot options (after pressing F8), choose Directory Restore Service Mode. It disables Active Directory.
b. Login with the local credentials.
c. Download the zip file .
d. Unzip into some folder. Say c:/temp.
e. Also copy cmd.exe from c:/windows/system32/cmd.exe to this folder (i.e., c:/temp).
f. Start a command prompt and type instsrv PassRecovery "c:\temp\srvany.exe"
g. You have installed new service called PassRecovery.
h. It is now time to configure SRVANY.


Start regedit, and open the key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services \PassRecovery.

Create a new subkey called Parameters and add two new values:

name: Application
type: REG_SZ (string)
value: d:\temp\cmd.exe

name: AppParameters
type: REG_SZ (string)
value: /k net user administrator new_password (or any password that you want. replace "new_pasword" with your new password).

i. Make sure this new service is "Automatic" one and also allow this service to interact with desktop.
j. restart your system in normal mode. You should be able to login with your newly setup password. If not you might have missed some step or the other mentioned above. If my steps are wrong, then get the right ones from internet :-)
k. PassRecovery service runs once you start the system, so you can remove or disable it as you no longer need it.
l. If you want to remove..
net stop PassRecovery (, then:)
sc delete PassRecovery

Now delete c:\temp and change the admin password if you fancy.

You saved lot of your time and frustration,if you are lucky enough to recover your system. :-).

No comments: