You forgot the domain admin password? This article explains how you can reset the administrator password in a Windows Server 2008 (R2) and Windows Server 2012 (R2) domain.
Profile gravatar of Michael Pietroforte

Michael Pietroforte

Michael Pietroforte is the founder and editor of 4sysops. He is a Microsoft Most Valuable Professional (MVP) with more than 30 years of experience in IT management and system administration.
Profile gravatar of Michael Pietroforte

First of all, you should never work with the “Administrator” account. Each admin should have his own account, for two reasons. First, it makes troubleshooting easier if an admin messes up. Second, if one admin forgets his password, another admin can reset it through Active Directory Users and Computers (ADUC). Whenever you reset a password, however, note that the corresponding account will no longer be able to access passwords stored in Internet Explorer or files that have been encrypted with EFS.

If you forgot the domain admin password, and no other administrator exists in this Windows domain, you can use the procedure below to reset the password. Note that the screenshots are for Windows Server 2012 R2 with Update. However, this guide also works for Windows Server 2012 and Windows Server 2008 R2.

With this password reset method, you have to boot from a second Windows installation. You then have to replace utilman.exe (the Utility Manager with ease-of-use functions such as the Narrator and Magnifier) on a domain controller with the command prompt (cmd.exe). Next, you’ll boot up the machine where you forgot the password, click the Utility Manager icon on the logon screen to launch a command prompt, and then reset the password. Here is the step-by-step guide:

  1. Boot from a Windows Server 2012 R2 DVD (or ISO file in a virtual environment) and click Next when Windows Setup loads.
    Windows Setup
  2. Press SHIFT + F10 to open a command prompt.
    Open command prompt in Windows Setup
  3. At the command prompt, enter:

    Note: On Windows Server 2008 R2, you will most likely have to replace the drive letter d: with c:. If you are unsure about the drive letter, search for the drive that contains the Windows folder. The driver letter for the instance of Windows PE that started Windows Setup is x:. (Update: As mentioned by Chidi, you can run the diskpart command and then on the displart prompt, you can enter the list vol command to get an overview of the available drives. The system drive should be labeled accordingly.)
    Move utilman.exe
  4. Replace utilman.exe with cmd.exe:

    Copy cmd.exe
  5. Remove the boot media from the server and tell Windows PE to reboot:

    wpeutil reboot
  6. Once your domain controller is running again, click the Utility Manager icon.
    Utility Manager icon
  7. At the command prompt that (I hope) opened, reset the domain admin password with this command:

    Reset domain admin password
  8. You can now close the command prompt and log on with the new password. However, mainly for security reasons, I highly recommend restoring the original utilman.exe. For this, you have to again boot Windows Server setup, follow steps 1-2, and then enter:

    (Replace the drive letter if Windows isn’t installed on the d:)
    Restore utilman.exe
  9. After you removed the boot media, you can reboot the server again with

    Password reset complete

Obviously, this procedure can be used by anyone who has physical access to your servers. In my next post I will give you a few tips how you can prevent the Utilman.exe password reset trick.

Win the monthly 4sysops member prize for IT pros


  1. avatar
    Andrew Hilborne 3 years ago

    Or you can use NTpassword


  2. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 3 years ago

    Andrew, thanks for the tip. I am currently playing with the tool to see if it still works with Windows 8.1. However, I think you can't use ntpasswd to reset a domain admin password because it only allows your to manipulate the SAM database.


  3. avatar
    s 3 years ago

    Hi again,
    I tried following this and it said it moved and copied the files but after rebooting and pressing the utility manager icon, it doesn't open command prompt, it just operates as normal.
    This is a windows 8 tablet, so I'm booting off legacy to boot from a Windows 8 install disk and then changing back to UEFI so that I can boot back into windows normally, would that cause any issues?


  4. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 3 years ago

    I didn't try this procedure on a UEFI PC, but I doubt that this is the problem. It is more likely that you copied utilman.exe to the wrong location. Compare the file sizes of utilman.exe and cmd.exe and check if d:\windows\system32\utilman.exe has the size of cmd.exe after rebooting into the Windows installation where you forgot the password.


  5. avatar
    philip 3 years ago

    Hi, my gf forgot her administrator password so I'm trying to reset it. However I can't see any folders on the hard drive and I can't go to the windows directory. Any ideas what is it that I could be doing wrong?


  6. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 3 years ago

    philip, try a different drive letter.


  7. avatar
    Carlos Lamb 2 years ago

    Hello Michael,

    This allows us to reset the password for a local user account. Do you have instructions for how to change a domain admin account?


  8. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 2 years ago

    Carlos, it this for a domain account. It didn't work for you?


  9. avatar
    Rashmiranjan 2 years ago

    It is working fine.Thanks Michael


  10. avatar
    alina 2 years ago

    i don't know my pasworddd!!!!!!!!!!!



  11. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 2 years ago

    Try pasworddd!!!!!!!!!!! 😉


  12. avatar
    abdul ahad 2 years ago

    Hi Micheal,

    i have an issue.. whenever i type this command

    move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak

    it gives me error.


    I tried using different disk letters but didnt work.. plz help.


  13. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 2 years ago

    abdul, your Windows installation is probably on another drive. Try the dive letter c: instead of d:


  14. avatar
    anathi 2 years ago

    Hy ive got an interview IBM thinkpad which i got from my brother, so i decided to delete some unnecessary files. On it then it asked for being rebooted. And so i did, after it askd for an administrator password which even my brother. Didn't. Know so please help dont you atleast have. A hacking password?


  15. avatar
    sagar 2 years ago

    thanks for your valuable information. i have successfully reset administrator passwords and it is very useful once again thanks.


  16. avatar
    zeon 2 years ago

    my system32 folder does not have Utilman.exe what other file could be its alternative.


  17. avatar
    Jan 2 years ago

    Thanks a lot.
    This worked great to recover my test domain administrator password.
    I was geussing longer than it took to change it. 😉


  18. avatar
    felicia 2 years ago

    Hi. I tried to follow the steps of reset my administrator password. I got to the stage of the cmd. when I type the c: it says the syntax of the command is incorrect then I further try other letter but still giving me the same problem. Can anyone please help me solve this problem


  19. avatar
    felicia 2 years ago

    When I type move d: \windows\system32\utilman.exe it says " is not recognised as an internal or external command, operable program or batch file. I need some directions please


  20. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 2 years ago

    felica, there should be no blank after d:


  21. avatar
    felicia 2 years ago

    Hello Michael,
    I did exactly as you advised but I still have the same problem. is there any other possible ways to locate my c or d drive? I tried all means but to no avail


  22. avatar
    Sriram 2 years ago

    I tried doing this. D:\ is mapped as the CD-drive on this. Our professor has setup virtual machines for all of us and we had to install windows 2012 on them. I think we used a virtual HDD for this. Because bios shows - VMware Virtual SCSI Hard Drive (0:0). Im not able to find system32 on any drive except x:\sources\windows\system32 but when i use that, the cmd doesnt pop up on reboot.

    Please help!


  23. avatar
    Tony 2 years ago

    Will this method work with Windows 8. Will I loose any files because I locked my father's domail connected laptop.


  24. avatar
    tony 2 years ago

    can yo explain what you have done in step 1 and how to get windows server 2012 and how to boot it.


  25. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 2 years ago

    Tony, yes the method works with Windows 8. If you encrypted files with EFS with this , you will be unable to decrypt after resetting the password.

    tony, you can use any Windows boot medium. You can download the Windows 10 ISO and put it on a bootable USB stick. If you are not an IT pro, you better ask for help.


  26. avatar
    mary grace 2 years ago

    Sir I tried ur method but after typing "net user administrator * "
    I got a reply of the user ddnt found and NET HELPMSG 2221


  27. avatar
    Omar 2 years ago

    Thanks worked like a charm on windows 2012 server.


  28. avatar
    Robert 2 years ago

    Does not work with Win Server 2012 R2


  29. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 2 years ago

    Works well with Windows Server 2012 R2.


  30. avatar
    Hossein 2 years ago

    Thanks a lot... wonderful documentary ... it also works with windows server 2008 R2. just in last step instead of net user administrator * it is better to type dsa.msc

    Thanks again


  31. avatar
    Shiyas P M 2 years ago

    Hello, I went to reset my Administrator password via repair your computer mode , in Command prompt i cant get Windows drive .so i cant reset Administrator password. how to solve to view Windows installed drive in 2008 r2.


  32. avatar
    spc 2 years ago

    Thanks Michael....these steps worked for me....
    Thank you so much


  33. avatar
    Dave_Fox 2 years ago

    Michael, you are a genious! This worked exactly as you said it would and has saved me an incredible amount of time! I can't thank you enough!


  34. avatar
    Arnaud 2 years ago

    Thanks so much for the tip 5mn top to reset the domain admin password.
    MAGIC !


  35. avatar
    Anonymous 1 year ago



  36. avatar
    Mads Jensen 1 year ago

    Thank you, worked for me on Windows Server 2012 R2 domain admin.


  37. avatar
    sherah 1 year ago

    Hello.. Y is it that my command prompt appear only narrator etc..
    No other how can i change user password,i forgot the domain pw.


  38. avatar
    ElSAO 1 year ago

    Thanks Michael

    It works with Windows 2012 AD, I change the Domain Admin password and it was replicated to all DC.

    Thanks my friend from Tijuana Mexico


  39. avatar
    Peter Camps 1 year ago

    Worked like a charm on Server 2012R2, nice article!


  40. avatar
    Fabio 12 months ago

    Thank you for the trick

    It saved me


  41. avatar
    JRidge 12 months ago

    Good job. Very nice...


  42. avatar
    Gavin 11 months ago

    Im actually amazed that this works!

    However, can confirm on a 2012R2 domain controller. Very well done, thanks.



  43. avatar
    kamal 11 months ago

    Thanks Michael, it worked!!!


  44. avatar
    Dark Star 9 months ago

    Thank you VERY much, Michael.  It worked once I actually let go of the automatic habit of "net use" and actually did "net user" :-)!


  45. avatar
    cszolee 5 months ago

    2012R2 DC, works.

    Thank you, Michael.


  46. avatar
    Don 3 months ago

    Hi, Can you help me? My case is a bit different. I gave my personal laptop to install/ put on office domain. I quit my job. Moved to another country where I was given a domain connected laptop at my new job. Now its been years... now I dont remember my old login or password. I thought I could clean the laptop and give it to my young nephew just to play games...After all it has 6gb ram and 300 gb hdd. I have the original windows 7 key but it runs on Windows XP as per my previous domain requirements...I tried to log in with whatever left of my keeps saying "the system cannot log you on now because the domain **** is not availabe." There are 3 option in "Log on to" drop down menu 1) intranet 2) domain 3) this computer. I tried logging in locally too but had no success. It seems the internal drive is also password protected. The laptop is rightfully mine but I have no Idea what to do with it. can you suggest me some way?


    • Profile gravatar of Michael Pietroforte Author
      Michael Pietroforte 3 months ago

      If the internal drive is password protected, there is not much you can do. You you can try reinstalling Windows, but if you don't don't have the BIOS password, this might fail. There are hacking tools for various laptop models that allow you to manipulate the BIOS. However, this is only something for geeks. Another option is to bring the laptop to the manufacturer support. They probably can reset the BIOS and then you can either follow the procedure described in this post or reinstall Windows.


  47. Profile gravatar of Paolo Maffezzoli
    Paolo Maffezzoli 3 months ago

    You can try to unlock/force the local admin password using some tool. I suggest to take a look Hiren's Boot CD. It is a well know tool collections that us a windows pe running on notable USB. It has also some passwords tools that can help you. For example you can use the NTPWedit and reset the local admin pwd. But as already explained by Michael, the hard disk password is more problematic and there is not an easy solution for this pwd.


  48. Profile gravatar of Paolo Maffezzoli
    Paolo Maffezzoli 3 months ago

    Forgotten to mention the full link : Hiren's BootCD



  49. avatar
    Don 3 months ago

    Hi guys, Thanks for the replies. Mike you were right. Fortunately there wasn't any bios password...i had misunderstood it. As you suggested i bought a new Windows 8 key...something cheap from eBay and downloaded an iso and installed it. Its a squeaky clean new laptio now. Thanks mate. Appreciate it. Thank to Paolo too...


  50. avatar
    João Félix Moreira 2 months ago

    Well this in fantastic. After the cmd try mmc.exe and add the snapin active directory and users. Gess what .????

    This is brutal.



  51. avatar
    Paolo 2 months ago

    Works fine.

    w2012 r2 boot cd on w2008 r2 DC



  52. avatar
    sameh 2 months ago


    i tried to locate the windows drive,  i couldn't found it, i tired D: E: F: G: .... with the same msg " the system cannot find the drive specified", for information, the windows is working from the harddisk find, so the hard disk is connected and have no problem, the only drive that i can see is C: through CMD, but its the external hard disk connected via USB port and its not includes the windows file!!!

    can you help me  🙁



    • Profile gravatar of Michael Pietroforte Author
      Michael Pietroforte 2 months ago

      Maybe the system drive is encrypted? In that case, you can't do anything and reinstall.


  53. avatar
    N. Schultz 1 month ago

    It worked on my 2012 R2 Essentials domain in my home lab running on ESXi 6.5 fully patched.
    Thank you for sharing this extremely useful information!


  54. avatar
    Chidi Iwuoha 1 month ago

    Hi Michael,i think the only thing missing is that you forget to mention entering "diskpart" first by typing diskpart on the prompt and press Enter.
    Thereafter, they should type "list vol" and press Enter to see the drive letters for each of the drives available.
    Make a note of the drive letter assigned by the WinRE environment - it may not be C: or D:
    Type "exit" and press Enter - The command prompt will return to the X:\Sources> prompt and you can continue with the steps...


  55. avatar
    Andy 1 month ago

    Thanks for the detailed procedure.

    What are the security implications of not "re-copying" the original utilman.exe? Can you elaborate on that?




    • Profile gravatar of Michael Pietroforte Author
      Michael Pietroforte 1 month ago

      Well, isn't that obvious? If you don't restore utilman.exe, anyone who has physical access to the computer can reset passwords without even having to boot boot from external media.


  56. avatar
    Tony 3 weeks ago

    need help method appears successful but still getting the wrong username or password (i use this method after being locked off my server via intrusion) Win Serv. 2012R2


Leave a reply

Your email address will not be published. Required fields are marked *



Please ask IT administration questions in the forum. Any other messages are welcome.

© 4sysops 2006 - 2017

Log in with your credentials


Forgot your details?

Create Account