Reset Domain Administrator Password

The following method has been tested to work on both Server 2003 and Server 2008 Domain Controllers

  • Download SRVANY and INSTSRV, which are part of the Windows 2003 Resource Kit
  • Ensure you have the Directory Service Restore Mode Administrator password, restart the server in Directory Service Restore Mode, and log in as administrator
    • If you do not have have the Administrator Password, you can attempt to get it through one of these methods
  • Create the folder: C:\reset\
    • Copy srvany.exe, instsrv, and cmd.exe(Located in C:\system32) to the C:\reset\
  • Open a command prompt and enter the following commands
    • CD “C:\reset”
    • instsrv PassRecovery “C:\reset\srvany.exe”
  • Run regedit.exe and navigate to HKLM\System\CurrentControlSet\Services\PassRecovery
  • Create a subkey called: Parameters
    • Create a new string value (REG_SZ)
      1. Name: Application
      2. Value: C:\reset\cmd.exe
    • Create a new string value (REG_SZ) where <password> is the desired password (Must Meet Password Policy Requirements)
      1. Name: AppParameters
      2. Value: /k net user administrator <password> /domain
  • Open Services and Open the Properties for the PassRecovery Service
    • On the General tab, ensure the startup type is Automatic
    • On the Log On tab, ensure the option is checked to: Allow service to interact with desktop
  • Restart the server normally, and log in with the password you specified
  • Uninstall SRVANY by entering the following commands at a command prompt:
    • net stop PassRecovery
    • sc delete PassRecovery
  • Delete C:\reset\

Leave a Reply

Your email address will not be published. Required fields are marked *