|
Posted by Roger Abell [MVP] on September 26, 2006, 10:33 am
If you were Registered and logged in, you could reply and use other advanced thread options
From what you have said, you have been zapping the Administrator
account password of the local SAM, but this is on an SBS server
which means it is a domain controller. The local SAM's Administrator
account is only used for DS restore mode operations.
Apparently you are wanting to break into AD and get access to the
password for some Domain Admin group member.
But, perhaps I am misreading what it is you are trying to do.
Roger
> Unfortunately the password on this server was changed by someone and
> they are unable to remember it -even after 6 weeks to think about it.
> Since I have local access to the server, I have downed the server
> -hard- used NT Offline Password Recovery Tool to blank out the
> password, set a disk check and rebooted. This has not worked.
> I tried the logon of the person who did this, who may have had
> sufficient access rights, but found they are only part of Local
> Administrators group as these credentials were also refused. I downed
> the server again later, and took an extract of the SAM for the
> administrator, which shows that it really has been zeroised, as it now
> reads
> Administrator:500:0:0:::
>
> The server is a Small Business Server 2000, running Exchange, Proxy
> Server, DNS, DHCP, File and Print services. It has 2 ethernet cards and
> has ISA server to restrict access to the internet according to users.
>
> I also have remote access via Logmein, and when I try that, I get the
> message "Logon Failure: User account restriction 1327"
>
> Anyone have any ideas on what to try next, or how to get around this
> restriction?
>
> Alternatively, if I need to reinstate a password, I have tried the NT
> Offline Password Recovery Tool , but it doesn't work as hoped, so I
> blanked the password again. Anyone know a better product, or have any
> suggestions?
>
> I also have a virtually duplicate server at another site, is there any
> way I can use the SAM there to copy oiver the Administrator password,
> or manually type in the same encrypted password -which would be known-,
> or use it in any way to get back into the server with the lost
> password? I don't want to lose the AD by swapping out the SAM -if can
> you can still do that, and it is not securitised-, I am really just
> wanting to get back in as Administrator.
>
> Does anyone have any suggestions of new avenues to explore?
>
> Many thanks in advance
>
>
> Rob
>
| 
XML site map