Friday, February 29, 2008

Reset lost administrator password in Windows Server 2003

While you can use tools like ophcrack to recover your password, these don't always work and in case of strong passwords you'll need to pay for the rainbow table sets, the free included set can only crack alphanumerical passwords up to 14 characters. There is a rainbow table set that will crack passwords up to 33 characters, look on the website for the updated information and prices.

To reset your password you can use tools like the Winternals boot cd, which includes the locksmith tool.
In my experience this doesn't always work, and you have to manually add device drivers to the boot cd. If you work with different types of servers, that come with new types of RAID controllers every x months, it can become hard to keep track of. Not that you loose a password that often, but it can be frustrating when you are in urgent need of such a tool :).

The tool that I have recently found seems to be working great. The password reset did not work, but I was able to set a blank password, logon, and reset the password using computer management.
It's called "Offline NT Password & Registry Editor", visit its website and download it here.
This tool includes a lot of recent raid controller drivers which is necessary, so it detects your Windows installation partition.

Before using this tool, be sure that Windows was shutdown properly, or you will not be able to perform any actions!
If that's the case, the tool will warn you and you'll have to reboot in safe mode, and perform a clean shutdown twice.
Besides that, the tool is pretty self-explanatory, but the author has also written a walkthrough.

I was able to set a blank password on a Windows Server 2003 x64 edition with this tool, which was a great help!
As always, keep in mind that resetting a password can cause problems if not used carefully, for example in cases where EFS is used, those files will become inaccessible.