Being locked out of a domain administrator account in Windows Server is not a pleasant experience. These passwords are typically very secure since they grant high levels of access, and it is recommended that you periodically change the password to help prevent unauthorized access. How can this be done? There are several ways to reset a domain admin password, some of which are described in detail below.
One thing to know about resetting a Windows password is that you don’t need to factory-reset the computer or do a Windows re-installation. There was a time when these were the only options, but there are several different native and third-party tools for Windows that will let you keep all your data. Data is valuable, so any method that requires a full wipe of the system in order to reset a password is definitely not recommended. It might be okay if you had a full backup of everything, but even then the process of installing Windows from scratch and then restoring it with your backup is a tedious process that can be avoided. How? By simply using the methods that we’ve described below.
Change Password in Active Directory with PowerShell
PowerShell is essentially an OS task management scripting language and command line shell that is built on the .NET framework. It is extremely useful for resetting domain passwords using simple cmdlets, and you can do this in a matter of minutes.
Step 1: Launch PowerShell as Administrator. Do this by typing ‘powershell’ in the taskbar search, then right-clicking on PowerShell and selecting ‘Run as Administrator.’ This will open an elevated PowerShell prompt.
Step 2: The next step is to create a secure password that can be applied later. Do this by running the following command and replacing the password within quotes with a secure password of your choice.
$secpwd= ConvertTo-SecureString -String “New_Password” -AsPlainText -Force
Step 3: Now use the following cmdlet to apply the new password to the domain account:
Set-ADAccountPassword Administrator -NewPassword $secpwd -Reset
Step 4: This is usually enough to reset the password, but you’ll be promoted to change it again when you login next. To avoid this, use the following command:
Set-ADUser Administrator -ChangePasswordAtLogon $false
The new password is now set, and you won’t need to change it at next logon.
Use an Installation Disk to Reset Password
If you’re not comfortable using PowerShell for any reason, you can also try resetting the domain password using an installation disk for the Windows Server version you’re using. Obviously, you’ll need to have that disk handy to execute this process, but it’s another easy way to reset your admin password if you’ve forgotten it.
One point to note here is that you’re not actually going to be re-installing Windows. Using the install disk merely gives you access to the admin command prompt, which you need in order to reset the password.
Follow these steps as described below:
Step 1: First, you need to set up the server computer to boot from the installation disk. You can do this by inserting the disk, booting up the server and hitting any key when you see the “Press any key to boot from cd….” message on the screen.
Step 2: Choose Command Prompt when shown all the Repair options.
Step 3: At the command prompt, enter “net user administrator p@ssword123” and replace the string with a new password.
Step 4: Now remove the installation disk and run ‘shutdown -t 0 -r’ to reboot the server.
You should now be able to get in with the new password you specified in Step 3 above.
The ideal scenario is to create a password reset disk and keep it handy before you have the need for it. Once the disk has been created, keep it in a secure physical location so no unauthorized person can gain access to it. Using this disk, you will be able to reset your password anytime you need to. This is actually the proper method to deal with this sort of issue because it will keep your data untouched.
Another way to do this in case you didn’t prepare a password reset disk before losing the password is to use a powerful utility like Androidphonesoft. This is an award-winning piece of software specifically designed to instantly reset any Windows password – admin, user, guest, server and Microsoft account. It’s very easy to use, and all you need is the use of another Windows PC to create a password reset disk or drive. You can use this disk or USB flash drive to unlock your server computer, and also keep it for when you forget or lose the password. It’s a must-have tool for any Windows administrator.