Reset Domain Admin Password

On a domain controller, you can access Directory Services Restore Mode by pressing F5 when the system starts to boot and then selecting Directory Services Restore Mode from the Windows Advanced Options Menu.

Once you’re logged in to Directory Services Restore Mode, you’re ready to setup the password reset. My preferred method is to use the Windows Resource Kit tool AutoExNT. AutoExNT allows you to configure a batch script to run when the system starts, so it’s an easy way to use a script to change the domain administrator password. To use this method to reset the domain administrator password, you’ll first need to download the Windows Server 2003 Resource Kit Tools. You can install the tools on any Windows XP or Windows 2003 system. Once the tools are installed, navigate to the Resource Kit Tools installation folder (default location = C:Program FilesWindows Resource KitsTools). From the Tools folder, you’ll need these three files: Autoexnt.exe, Servmess.dll, and Instexnt.exe. All three files should be copied to the %systemroot%system32 folder (default = C:Windowssystem32) on the domain controller.

With these files in place you now need to create a batch file to be used by the service. To do this, run the command:

notepad %systemroot%system32Autoexnt.bat

When prompted to create the file, click Yes. Now in Notepad, enter:

net user administrator P@ssw0rd /domain

In my example, I set the password to P@ssw0rd. Of course, you can set this to whatever you like. Once you have this line in the batch file, save the file and close Notepad.

You’re now ready to install the AutoExNT service. To do this, go to the command prompt and run the command instexnt install. When the command completes, you should see the message “CreateService AutoExNT SUCCESS with InterActive Flag turned OFF.” By default, the service will be set to Automatic, so you’re ready to go.

Now you can just reboot the domain controller. When it reboots, the password will be set to the password that you specified in the batch file. Log in as administrator with the new password and you’re all set. Of course, you’re not going to want the AutoExNT service to run anymore at bootup, so you’ll need to uninstall the service. To do this, go to the command prompt and run the command instexnt remove. You should now see the message “DeleteService SUCCESS” and you’re all done.

dpejic has written 85 articles

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>