How to reset the domain administrator password on Windows Server 2008

This probably should never happen, but there’s always that odd case when the domain administrator password simply disappears. If you did your job right, you would normally dig out your notes with the backup domain administrator details and use that to reset the administrator password. But . . . You don’t always have the luxury. Than you’ll have to find some other way. The scope of this article is to show you that other way.

The basic idea is to boot from the install DVD, open the command prompt, rename the Utilman.exe file and copy Cmd.exe in place of the Utilman.exe. When the server restarts, a command prompt can be brought up with full domain administrator permissions allowing to change the domain administrator password. For detailed instructions read on.

Boot the server using the install DVD. Select the language settings of your choice and continue to the following screen by clicking Next

Select Repair your computer

Make sure your operating system is listed, if not use the Load Driver button to provide drivers for storage controllers not recognized by the system. When the selected system is correct, click Next to continue.

On the Choose a recovery tool screen select the Command Prompt option.

When the command prompt opens, Navigate to the system drive – depending on the system and configuration, it could have the letter C: or D: assigned. Change to Windows folder and than to folder System32.

Next step is to rename the Utilman.exe file. This file provides the Easy Access functionality – either using the icon on the left bottom of the screen or using the Win+U key combination. To rename the file, type in the following command:

> move Utilman.exe Utilman.exe.bak

Followed by copying the Cmd.exe file in place of Utilman.exe:

> copy Cmd.exe Utilman.exe

At this point you can close out of the command prompt and restart the server. Wait until you will be prompted to log in.  When the logon screen appears, you can either use the keyboard combination Windows+U or click the ease of use icon on the left bottom side of the logon screen.

These commands would normally bring up the Ease of use screen, but since we replaced it’s EXE with the command prompt exe, you will be presented with this command prompt. And the icing on the top of the cake is that this command prompt has full domain administrator permissions.

From this command prompt you can run any tool as you like, but to make things as simple as possible i would open the Active Directory Users and Computers tool – dsa.msc. Once the tool is opened, i can check the properties of the Administrator user.

You might need to enable the Administrator account as it is disabled by default.

Once the account is enabled, you can reset the password. Just right click the administrator account and select the Reset password option.

Last but not least, type in the new administrator password, tick the Unlock the user’s account (just to be sure) and click OK to confirm the change. Make sure you make note of the new –  you don’t want to end up in this same situation in a few month time again.

When all is good after all this trouble, you can go back and delete the current Utilman.exe file and rename the Utilman.exe.bak file to Utilman.exe. This should restore the original functionality of the Ease of access tool.

Tagged , , , . Bookmark the permalink.

17 Responses to How to reset the domain administrator password on Windows Server 2008

  1. Chida says:

    This was a very well documented notes. Folllowing the steps exactly, helped me get through the hurdle. The screen shots were really helpful.
    Keep up the good work.

  2. Brent says:

    That was well done. Thank you. Know that this does work with Windows Server 2011 SBS. On the Third step where you select your OS Mine said Windows Server 2008 R2. Select this and your fine. Double check to make sure you are on the correct hard drive when in command prompt if you have multiple drives or partitions. I used the dir command to check. Thank you this saved my ass today.

  3. IMNS says:

    I attempted these steps but it cannot locate the c: drive.

  4. Peter Bursky says:

    There are 2 most likely reasons that come to my mind:

    1. Could the system drive be mapped as a different drive? (d:, e: ?). Check to see if any of other drive letters contains the Windows folder

    2. Are you using any kind of (software) raid? Does the setup disk have the correct drivers? Can it see the disk at all?

  5. Michael says:

    Lifesaver !!! Worked a charm 🙂

  6. Mike says:

    My issue is that the console doesn’t see my Windows…I can’t select the Windows to adjust…any help would be greatly appreciated…

    • Peter Bursky says:

      Hello Mike

      My guess would be that you need to provide drivers for the storage/raid controller in use.

      • Daniel says:

        Hi Peter,

        In this case we would only need the raid drivers to make this work correct? Or are there additional drivers we need to have. Thanks in advance!

        • Peter Bursky says:

          Hi Danny

          I suppose so. It depends what sort of controller you are using.
          Normally if the recovery system can find your system drive, you won’t need the drivers. If it can’t find the drive, you will need the drivers. But but’s all that is needed. Once the recovery can see the drive, you will have access to the folders and files and carry out the file name change as mentioned in the post.

          Hope this helps, if any more questions, just ask

          • Daniel says:

            Hey Peter,

            I don’t know it, I am doing a job for this company and it’s one of those custom built servers. I am going to look at the controller and see if I can find drivers for it. Thanks for the help. I’ll update once complete.

  7. Dan Jackson says:

    I’ve gotten to the “Repair Your Computer” prompt, also able to load up my partition with the correct RAID drivers. As soon as I select the partition a user name and password dialog box comes up? Any ideas?

  8. Anmosoft says:

    To reset admin password in Windows Server 2008 it is really an helpful way. But I always think reset software it the best way to reset Windows password.

  9. Ben says:

    I use offlineNT. Have had a lot of success with it. I describe in on one of my posts here: My Windows 2008 R2 Password Recovery Experience

  10. Sam LaBarbera says:

    This was fantastic, we were just about to do a re-install of the OS and all the programs and then backups. would have taken days.

    This worked perfect, we are back up and running.

    Thank you

  11. Li Hao says:

    Here I will share another simple way–use the third-party reset tools. For free, I recommend Ophcrak. But the pity is that it exists its limitations. For paid, Windows Password Killer is good. It is really a low-cost application you can use to get rid of or totally reset the password on windows computer systems. When the software programs are bought, you boot the pc while using disc supplied by the organization and it’ll recover the BIOS password on the pc. More informtion you can visit http://www.windowspasswordkiller.com

  12. Andy Winter says:

    Peter your a life saver! I tried loads of ways/pw reset tools which wouldn’t work due to the raid1 array and not being able to see the HDD’s but this method worked on a SBS 2011 server. I had to put the raid drivers for the server onto a flash drive in order to get through it but it worked 🙂
    So thanks very much for the excellent advice and tutorial you’ve saved one companies server for sure!
    thank you 🙂

  13. David Jack says:

    That’s a very nice article to introduce how to reset domain administrator password Windows server 2008 in details. But I have followed another method to reset lost password. More details on here. http://tinyurl.com/3kaswpf