"I can boot into Directory Services Restore Mode, but cannot login to
the domain. Is there anything that I can do to reset the domain
administrator password?"
Directory Services Restore Mode (DSRM)
is a special boot mode for repairing or recovering Active Directory. You
can log on to DSRM by using the local administrator password (also
known as DSRM password) that you set when you set up Active Directory.
But Windows doesn't provide any option for you to reset domain password after booting into DSRM mode. So if you forget your domain password, you've got trouble.
Unlocking your computer won't be easy, but it is possible. Reset Windows Password
utility can help you change or reset domain password in Windows Server
2008/2003/2000 Active Directory, if you forgot domain administrator
password or you are locked out of your account.
Step 1: Create a Domain Password Reset Disk
Download the Reset Windows Password
utility. Once the download completes, right-click the .zip file and
select Extract All. This will decompress the zip archive which there
should be an ISO image file (ResetWindowsPwd.iso) inside.
Burn
the ISO image to a blank CD or USB drive with the ISO2Disc software. It
will take about one or two minutes to create a domain password reset
disk.
Step 2: Set Boot Device Order in BIOS
Turn
on your locked computer and hold down F2 or whatever the setup key is
shown as during the initial boot screen. This should bring up the BIOS.
In the BIOS look for the Boot Device Priority option, set CD/DVD as the
1st boot device if you want to boot from domain password reset CD. You
can either set Removable Device as the 1st boot device if you want to
boot off USB drive.
Next press F10 to save your changes and reboot the computer.
Step 3: Change Domain Password
Insert
the domain password reset CD/USB into your locked computer. If you set
up the BIOS correctly your computer should automatically boot from the
domain password reset disk.
After a few minutes it will launch
the Reset Windows Password utility. Choose the Reset Active Directory
Password mode, it will scan your hard drive for partitions that may have
Active Directory installed, and display a list of domain user accounts
inside your Active Directory server.
Choose a domain user account whose password you want to change or reset, then click Reset Password button. It will change domain password to Password123 by default.
Now
remove the domain password reset disk and restart your computer. You
can then login to your domain controller with the new password.
Conclusion
This
guide can be very useful if you forgot domain admin password or you are
locked out of your account and unable to access all of files and
software specifically tied to that account.
No comments:
Post a Comment