- Poll: How reliable are ChatGPT and Bing Chat? - Tue, May 23 2023
- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
First of all, you should never work with the “Administrator” account. Each admin should have his own account, for two reasons. First, it makes troubleshooting easier if an admin messes up. Second, if one admin forgets his password, another admin can reset it through Active Directory Users and Computers (ADUC). Whenever you reset a password, however, note that the corresponding account will no longer be able to access passwords stored in Internet Explorer or files that have been encrypted with EFS.
If you forgot the domain admin password, and no other administrator exists in this Windows domain, you can use the procedure below to reset the password. Note that the screenshots are for Windows Server 2012 R2 with Update. However, this guide also works for Windows Server 2012 and Windows Server 2008 R2.
With this password reset method, you have to boot from a second Windows installation. You then have to replace utilman.exe (the Utility Manager with ease-of-use functions such as the Narrator and Magnifier) on a domain controller with the command prompt (cmd.exe). Next, you’ll boot up the machine where you forgot the password, click the Utility Manager icon on the logon screen to launch a command prompt, and then reset the password. Here is the step-by-step guide:
Subscribe to 4sysops newsletter!
- Boot from a Windows Server 2012 R2 DVD (or ISO file in a virtual environment) and click Next when Windows Setup loads.
- Press SHIFT + F10 to open a command prompt.
- At the command prompt, enter:
move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak
Note: On Windows Server 2008 R2, you will most likely have to replace the drive letter d: with c:. If you are unsure about the drive letter, search for the drive that contains the Windows folder. The driver letter for the instance of Windows PE that started Windows Setup is x:. (Update: As mentioned by Chidi, you can run the diskpart command and then on the displart prompt, you can enter the list vol command to get an overview of the available drives. The system drive should be labeled accordingly.)
- Replace utilman.exe with cmd.exe:
copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe
- Remove the boot media from the server and tell Windows PE to reboot:
- Once your domain controller is running again, click the Utility Manager icon.
- At the command prompt that (I hope) opened, reset the domain admin password with this command:
net user administrator *
- You can now close the command prompt and log on with the new password. However, mainly for security reasons, I highly recommend restoring the original utilman.exe. For this, you have to again boot Windows Server setup, follow steps 1-2, and then enter:
move /y d:\windows\system32\utilman.exe.bak d:\windows\system32\utilman.exe
(Replace the drive letter if Windows isn’t installed on the d:)
- After you removed the boot media, you can reboot the server again with
Obviously, this procedure can be used by anyone who has physical access to your servers. In my next post I will give you a few tips how you can prevent the Utilman.exe password reset trick.
Want to write for 4sysops? We are looking for new authors.
Or you can use NTpassword http://pogostick.net/~pnh/ntpasswd/
Andrew, thanks for the tip. I am currently playing with the tool to see if it still works with Windows 8.1. However, I think you can’t use ntpasswd to reset a domain admin password because it only allows your to manipulate the SAM database.
I tried following this and it said it moved and copied the files but after rebooting and pressing the utility manager icon, it doesn’t open command prompt, it just operates as normal.
This is a windows 8 tablet, so I’m booting off legacy to boot from a Windows 8 install disk and then changing back to UEFI so that I can boot back into windows normally, would that cause any issues?
I didn’t try this procedure on a UEFI PC, but I doubt that this is the problem. It is more likely that you copied utilman.exe to the wrong location. Compare the file sizes of utilman.exe and cmd.exe and check if d:\windows\system32\utilman.exe has the size of cmd.exe after rebooting into the Windows installation where you forgot the password.
Hi, my gf forgot her administrator password so I’m trying to reset it. However I can’t see any folders on the hard drive and I can’t go to the windows directory. Any ideas what is it that I could be doing wrong?
philip, try a different drive letter.
This allows us to reset the password for a local user account. Do you have instructions for how to change a domain admin account?
Carlos, it this for a domain account. It didn’t work for you?
It is working fine.Thanks Michael
i don’t know my pasworddd!!!!!!!!!!!
WHAT IS IT
Try pasworddd!!!!!!!!!!! 😉
i have an issue.. whenever i type this command
move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak
it gives me error.
THE SYSTEM CANNOT FIND THE PATH SPECIFIED.
I tried using different disk letters but didnt work.. plz help.
abdul, your Windows installation is probably on another drive. Try the dive letter c: instead of d:
Hy ive got an interview IBM thinkpad which i got from my brother, so i decided to delete some unnecessary files. On it then it asked for being rebooted. And so i did, after it askd for an administrator password which even my brother. Didn’t. Know so please help dont you atleast have. A hacking password?
thanks for your valuable information. i have successfully reset administrator passwords and it is very useful once again thanks.
my system32 folder does not have Utilman.exe what other file could be its alternative.
Thanks a lot.
This worked great to recover my test domain administrator password.
I was geussing longer than it took to change it. 😉
Hi. I tried to follow the steps of reset my administrator password. I got to the stage of the cmd. when I type the c: it says the syntax of the command is incorrect then I further try other letter but still giving me the same problem. Can anyone please help me solve this problem
When I type move d: \windows\system32\utilman.exe it says ” is not recognised as an internal or external command, operable program or batch file. I need some directions please
felica, there should be no blank after d:
I did exactly as you advised but I still have the same problem. is there any other possible ways to locate my c or d drive? I tried all means but to no avail
I tried doing this. D:\ is mapped as the CD-drive on this. Our professor has setup virtual machines for all of us and we had to install windows 2012 on them. I think we used a virtual HDD for this. Because bios shows – VMware Virtual SCSI Hard Drive (0:0). Im not able to find system32 on any drive except x:\sources\windows\system32 but when i use that, the cmd doesnt pop up on reboot.
Will this method work with Windows 8. Will I loose any files because I locked my father’s domail connected laptop.
can yo explain what you have done in step 1 and how to get windows server 2012 and how to boot it.
Tony, yes the method works with Windows 8. If you encrypted files with EFS with this , you will be unable to decrypt after resetting the password.
tony, you can use any Windows boot medium. You can download the Windows 10 ISO and put it on a bootable USB stick. If you are not an IT pro, you better ask for help.