When You Need This
You forgot the domain admin password or inherited a server without credentials. Here's how to regain access.
Method 1: Using Directory Services Restore Mode (DSRM)
Boot into DSRM and use the local administrator account:
- Restart the domain controller
- Press F8 during boot
- Select "Directory Services Restore Mode"
- Login with DSRM password
- Open Command Prompt and run:
net user Administrator NewPassword123!
Method 2: PowerShell (If You Have Another Admin Account)
Set-ADAccountPassword -Identity Administrator -NewPassword (ConvertTo-SecureString -AsPlainText "NewPassword123!" -Force)Method 3: Reset Using Another Domain Controller
If you have multiple DCs, use another DC to reset the password:
Set-ADAccountPassword -Identity Administrator -Server DC02 -NewPassword (ConvertTo-SecureString -AsPlainText "NewPassword123!" -Force)Security Best Practices
- Always document admin passwords in a secure password manager
- Have multiple admin accounts as backup
- Regularly test DSRM password
- Never use the same password for domain admin and DSRM
💬 Comments (0)
💬 Join the conversation!
Login or create a free account to comment and get IT tips delivered to your inbox.