Forgot the domain administrator password on your domain controller? After trying with some passwords you could think of, it may also lock your domain administrator account. There are of many Linux Live CDs available on the internet which could be used to reset Windows admin/user password, but they can only handle passwords for local user accounts. So how can you reset a forgotten Windows domain password or unlock domain administrator account?
In this tutorial we’ll show you an easy way to unlock Windows domain administrator account in minutes, in case the administrator account is locked out or you forgot its password. This method works on Windows Server 2012, 2008, 2003 and 2000.
How to Unlock Windows Domain Administrator Account?
First, download the Reset Windows Password utility and save it on another computer you can access. Unzip the download file and you’ll find a bootable CD image file: ResetWindowsPwd.iso. Burn the ISO image to a blank CD or USB flash drive using ISO2Disc program.
Now you need to use the password unlocker CD/USB drive to boot your domain controller which is locked out. Connect the CD/USB drive into the machine and turn it on. You may see a screen that says, “Press XXX for Boot Menu”. This indicates the key you need to press to enter the Boot Menu. If you can’t bring up the Boot Menu, you can also change the boot order in BIOS.
Choose the CD/DVD-ROM Drive or Removable Device from the Boot Menu, the computer will try to load the operating system inside the password unlocker CD/USB drive. After a while, you’ll see the Reset Windows Password program, which displays a list of local accounts existing in your Windows SAM database.
Here we’re going to unlock domain administrator account, so we need to click on the “Reset Active Directory Password” option. The program will display a list of Active Directory user accounts existing in your Active Directory database (ntds.dit) file.
Select the domain administrator account and then click on “Reset Password” button. The program will prompt you to confirm the password unlocking operation. After confirmation, it will unlock / enable your domain administrator account, and also change the password to a new one: Password123.
All things are almost done! Restart the machine and remove the password unlocker CD/USB drive. You can then log back into your domain administrator account with the new password. It’s so simple!