0

I am trying get an unused server up and running, it booted fine but i was greeted with the login window and none of the known passwords seem to work.
The server I am trying to get to work is not a Domain Controller and has not been used in a long time.

OS: Windows 2003 Server R2 Enterprise Edition

I tried Ophcrack XP (there is no WinServer version of Ophcrack) - it couldn't locate the partitions with hashes. I tried mounting the partitions myself (#mount /dev/hda*x* /mnt/ntfs), but it gave me an error saying /dev/hda*x* didn't exist.

Next I tried booting into a Ubuntu 10.04.3 LiveCD so that I could install and use chntpw - no go, Ubuntu Live wouldn't boot.

Based on what I've read up the following tools may be of help:

  1. Windows Password recovery
  2. Petter Nordahl-Hagen's Offline NT Password & Registry Editor
  3. Openwall's John the Ripper
  4. EBCD – Emergency Boot CD - Bootable CD
  5. (R)ecovery (I)s (P)ossible Linux rescue system

I am hoping that someone here has prior experience with Win2k3 Administrator password resets so that I don't end up having to try all of the above to find out which one works.

Hennes
  • 65,804
  • 7
  • 115
  • 169
user118718
  • 21

4 Answers4

1

I use System Rescue CD for any passwords I need to obtain. It's important to note that these will just change the password on your local machine. You'll use fdisk -l to find the partition you want, then mount it and change the password via SAM.

Ethabelle
  • 950
1

I always use Hirens BootCD, it uses same or similar program or the same program to 1 and 2 from your list. You can even promote a different user to Administrator. This BootCD is also loaded, loaded (yep I said it twice) with great tools, both from the boot menu and after the boot.

It's important to note (although fairly rare) that this type of password tool won't work with encrypted passwords. I'd be very surprised if your 2003 server had encrypted passwords turned on (I've never seen a server with it on in a production environment before).

opsin
  • 1,531
0

Use Konboot, this is a simple chain loader which modifies the memory to boot to the administrator account without password prompt. You then can change the password according to your needs and reboot normally.

leepfrog
  • 615
  • 5
  • 8
-1

I have successfully used this on pretty much every OS from WinXP to Win7 including both 2k3 and 2k8: http://pcsupport.about.com/od/toolsofthetrade/ss/ontpre-screenshot-guide.htm... ive tried many others and in my opinion its the best and its free

Jeff Wooden
  • 99