Hi all
I have inherited a 2003 Server Standard Edition which appears to belong to a domain that no longer exists. I think it might have been a DC as I do not have an option to logon locally to it.
It holds the QCA KS3 Testing software which needs updating, but I do not have the admin user account details to get on to it.
Is there any way of getting in to the server and joining it to our exisitng domain, or will I be looking at re-installing it?
Thanks
probably best to wipe it, it'll be difficult to get onto it in the first place, then you'll have niggling problems with an ex dc on your system.
It will most probably need reinstalling.
Thanks folks - oh what fun!
I wonder what else is on it though
I would be cautious plugging it into you main network incase it has DHCP
Safer to rebuild it because you do not know whether it could have a virus on it and also if any settings could interfere with your network
Do you just want files off it or do you need to run the software on it?
If it's the former, then just boot off something like WinPE, Ultimate Boot CD etc and copy the files.
If it's the latter then you can force reset the password - I've not tried this on server 2003 but you've nothing to lose if it doesn't work.
Boot using WinPE (or similar) and run regedit. Go to HKLM and choose Load Hive. Browse to c:\windows\system32\config and pick the system file - give it a name (eg Server).
What you've done so far is to load what was HKLM\System into regedit. You're now going to change the spooler service so that it resets the password (I use spooler because it doesn't matter that it won't start properly). Find the "spooler" section in the hive you loaded - the ImagePath will say something like %SystemRoot%\system32\spoolsv.exe Change this to %SystemRoot%\system32\cmd.exe /c net user administrator secretpassword
Unload the hive, shut down and restarts. As the server starts up, you should see a command window flash and you should be able to log on with secretpassword as the password.
Once you've logged on, go into regedit and reset the properties of the spooler service.
In case anyone's thinking this means that Server 2003 is insecure, it doesn't. It just means that if someone can get their hands on your computer (almost irresepective of the OS it's running) then they can control it.
Would this apply if it’s a domain controller?Originally Posted by srochford
That sounds like a good way to do it srochford, the way which I have used is detailed here:
Forgot the Administrator's Password? - Alternate Logon Trick
FN, I think that the above thing should reset the Domain admin password as the local admin account is disabled otherwise you would simply add domain\Administrator instead.
Hi
Thanks for all the tips everyone.
Got in using this
Offline NT Password & Registry Editor
Was able to login under directory services mode and then could demote the server.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote