Reset Administrator Password on Windows Server
This guide describes a common method to regain access to a Windows Server OS (used in scenarios when the password for an administrator account is forgotten or lost), without reinstalling the whole operating system or losing any data.
- Login to your VPS Management Portal
- Locate your VPS from the Services tab
- Click Mount ISO
- Select System-Rescue-CD-6-x86.iso image
- Set button "force reset & boot"
- Finish mount by clicking "Mount ISO"
- Click "Launch noVNC" to see console output
- Click into the noVNC browser window to set focus
- Select "Boot SystemRescueCd using default options"
- Press Enter to confirm
Use the SysRescueCD Recovery image to access your Windows system. To identify the correct device for password reset, enter this command:
The output will look similar to the below:
If you see two devices, the first one is usually a bootable device (Boot *) while the second one serves as the partition where Windows is installed. The latter one we are after. In general, we are looking for the larger partition. In our example, partition /dev/vda2 is where Windows is installed (74.5GB vs 500MB) Now navigate to the existing 'mnt' directory, create a 'Windows' director in it, and mount the 'vda2' partition over the newly created "Windows" directory:
After running the mount command, you might encounter error messages like this: The disk contains an unclean file system (0, 0). Metadata kept in Windows cache, refused to mount. Falling back to read-only mount because the NTFS partition is in an unsafe state. Please resume and shutdown Windows fully (no hibernation or fast restarting.) Don't worry, just execute command step-by-step: umount /mnt/Windows ntfsfix /dev/vda1 ntfsfix /dev/vda2 If successful, you will receive the following output:
Now mount your Windows partition again: mount -t ntfs -o rw /dev/vda2 /mnt/Windows
Navigate to the directory where SAM (Security Account Manager) file is located:
Create a backup of the SAM file:
Display the usernames stored in the SAM file without making any changes:
Target the "Administrator" account in the SAM database The command will then present you with options to modify the account, such as clearing the password, editing the password, promoting the user to an administrator, and other related tasks.
We are interested in the first item from the list "Clear (blank) user password". This option allows the Administrator user to login without indicating a password and to set a fresh password at the console. Select -> 1 and press Enter:
Confirm to the modifications by typing "y", then press Enter:
Your tasks with SysrescueCD are now finished. You need to restart your system.
Once the password is reset, make sure to unmount the ISO (Sysrescue CD) image. This can be done in the KVM management portal.
After rebooting, Windows will automatically log in to the Administrator account without requesting a password. Open the CMD(Command Prompt) with administrative rights:
Set a new password for the Administrator account with the following command:
You've successfully updated your Windows Administrator password. Now, try logging into the server with your new credentials. This is crucial to ensure that the password change took effect and that you have regained access to your server. Happy computing! :)