IT Question - AD & Domain Controller


Markie
07-02-07, 20:42
Hello IT guys...

I have a problem at work and was wondering if any of you guys have an idea, as I can't seem to see a way around this except by stripping the DC stuff out of AD and a Windows re-install.

The problem I have is that we had a power cut, and one of the servers has come back up with an AD corruption and is therefore giving me an error at Windows startup and reboots saying it needs to run the Directory Restore Mode.

Fair enough, no biggie... However, no one knows what the DRM password is.. :search:

I know you can reset this password in normal circumstances using ntdsutil.exe, however the server is knackered and disables AD on start up because of corruption, therefore not able to reset the password remotely.

Any ideas please?

carl0s
07-02-07, 21:52
I might be wrong, but I am fairly sure the "DS Restore mode" administrator password is an equivalent of a local administrator password. Therefore, you could use Winternals administrator pack, or even better you could use chntpwd.exe, which I have found to be awesome.
I'll find the tool and erm, upload it in a sec.

carl0s
07-02-07, 21:56
Sorry, I meant PWD_CHNG.exe, which is a commercial program. I'm sure chntpw would work as well, but it's not as straightforward.

PWD_CHNG.EXE has inbuilt NTFS code, and just runs from a DOS boot disk.

I'm not responsible if it all goes pear shaped though, but I'm confident it won't.

http://home.css-networks.com/PWD_CHNG.EXE

carl0s
08-02-07, 11:50
How'd you get on? :)

carl0s
08-02-07, 12:11
If it worked for you, then consider spending ~£20 of your company's money on the newest version of this great tool.
http://www.password-changer.com/price.htm

Markie
08-02-07, 12:22
Stuck at home in the snow today.. But I will try it.. I have actually tried a linux password change on the local admin account already.. Said it worked, but when it came to logging in it still did not like the password :(

Maybe these programs will have a better chance.

Does the boot disk support SCSI drives?

carl0s
08-02-07, 12:42
> Stuck at home in the snow today.. But I will try it.. I have actually tried a linux password change on the local admin account already.. Said it worked, but when it came to logging in it still did not like the password :(
>
> Maybe these programs will have a better chance.
>
> Does the boot disk support SCSI drives?

As long as your SCSI card supports BIOS level hdd access (int 80h/81h) - which it will do if the machine boots from it, then you'll be fine.

carl0s
08-02-07, 12:43
> Stuck at home in the snow today.. But I will try it.. I have actually tried a linux password change on the local admin account already.. Said it worked, but when it came to logging in it still did not like the password :(


Hmmm. I've had the same situation before when changing the local admin password on a domain member workstation. Worth a go though.

TyranoSupraRex
08-02-07, 12:48
I don't think the DS restore password is the same as the admin one. When you do a dcpromo you're prompted to enter a DS Restore password as part of the domain controller promotion process. Have you tried all the usual ones that most untrained chaps use (blank, password, admin.. etc?). Have you got more than one DC? Does this server perform any other tasks other than a dc? If so, then you could always trash it and rebuild it, then dcpromo it again.....

carl0s
08-02-07, 13:00
> I don't think the DS restore password is the same as the admin one.

I did a bit of googling, and I think it is.

Many documents suggest using an offline password changing tool (i.e. something which works on the SAM file directly)


> The Administrator password that you use when you start Recovery Console or when you press F8 to start Directory Service Restore Mode is stored in the registry-based Security Accounts Manager (SAM) on the local computer. The SAM is located in the %SystemRoot%\System32\Config folder. The SAM-based account and password are computer specific and they are not replicated to other domain controllers in the domain.

TyranoSupraRex
08-02-07, 13:03
hmmmmmm, it's been a while, but I seem to remember the restore password staying the same even if I changed the administrator pw.... I might be wrong though. Like you said though, Winternals administrator pack is very good at changing passwords, as well as various linux utils (astrumi, backtrack etc..). I'll give it some more thought.....

carl0s
08-02-07, 13:11
Well yes, the restore mode password will stay the same.
That's the point. The restore mode password is stored in the local SAM - just like local users on a workstation. The usual administrator password on a DC is stored in Active Directory.

The following kind of confirms it anyway, just ignore steps four onwards since he is trying to reset the Active Directory admin password, for which he needed to reset the DSRM admin password first.

So, steps 1 to 3 only, except that I recommend you use the tool above rather than the freeware linux based utility that this chap mentions:
http://www.petri.co.il/reset_domain_admin_password_in_windows_2000_ad.htm

carl0s
08-02-07, 13:14
> I don't think the DS restore password is the same as the admin one.

I think this is where we're getting our wires crossed. The DS restore password is the *local* admin one - i.e. it's the password you would use before you ran dcpromo, except that during dcpromo you are asked to set this to a new password.

It's not the same as the Active Directory admin password. It's a local admin password, just like what every workstation has..

Markie
08-02-07, 13:29
Yeah, good if it's true, which it seems to be. But the linux password reset I used worked well, i.e. listing the local password, saying it changed the password and written changes back to the SAM file. But as mentioned before, it did not work :(

When I get back into work I will try one of them other password reset programs...

What a pain in the ass it all is.. :(

Ohh.. Just a few answers to the other questions. It is just a DC/file server. It's one of about 15 in the domain.

Markie
13-02-07, 00:52
Thanks for all your help guys... That password changer worked a treat. Sod them Linux disks :)

Still had a lot to do after getting in there as the AD files were shagged :( and they had no system state backup.

But all back up and running now..

carl0s
13-02-07, 10:05
Sweet. Well worth the $40 eh :)

Markie
13-02-07, 22:57
Well, the one I downloaded off that link worked a treat. So did not purchase anything.

carl0s
14-02-07, 00:15
> Well, the one I downloaded off that link worked a treat. So did not purchase anything.

I realise that, but after posting the link for you (the link was on my server), since I was breaking the law, I suggested that you *may* want to spend $40 of your company's money on buying it ;)

Markie
15-02-07, 01:35
Oh I see... Yes thinking about it we did purchase it for $40.

Best money we ever spent. :inno:

You should get commission for promoting the product. :)