It’s always a pain: You’ve been away on vacation and can’t remember your user account password on Active Directory server.  You try nearly all possible passwords, and then you remember. But by then it’s too late.  Your Active Directory account is locked due to too many invalid password attempts.  If you can still log in to domain controller with other administrator account, you can unlock the locked-out Active Directory user account easily while logging in.

But what if there is only one administrator account on your domain controller which is locked out? Or all of Active Directory user accounts are locked out all of a sudden? You may think there is no other options than reinstalling the server. Here we’re going to show you an easy and effective way to unlock Active Directory user account without even logging in.

How to Unlock Active Directory User Account without Even Logging in?

With Reset Windows Password utility you can easily reset forgotten domain user account passwords and unlock Active Directory user account on Windows Server 2008/2003/2000. It can help you get rid of the frustration of being locked out in just a few steps. Basically the steps involves burning a Live CD on another accessible computer, and then boot up your domain controller with the Live CD so you can unlock Active Directory user account without even logging in.

1. Download the Reset Windows Password utility. Unzip the download file and you’ll get a ResetWindowsPwd.iso file.
2. Burn the ISO image file to a blank CD using any burning program (we recommend BurnCDCC) that can burn ISO images.
3. After you have the Live CD, bring it to boot off your domain controller whose password you want to unlock. You’ll see that the computer will load some files inside the Live CD and launch the Reset Windows Password utility.
4. Click on the “Reset Active Directory Password” option, then choose the Active Directory ntds.dit database file from the drop-down list. It will display the domain user accounts and you can find which account is locked out.
5. Choose a user account and then click on the Reset Password button, it will unlock your domain account and also change the password to a new one: Password123.
6. Now remove the Live CD and restart the computer, you can then log in to your Active Directory user account with the new password.

The unlocking procedure takes you less than two minutes. While you may be out of luck if you spend a lot of time to search tips and tricks to unlock Active Directory user account. Most of Windows password recovery software can recover passwords only for Windows local account. None of them can work with domain controller and allow you to unlock Active Directory user account.

• Previous Post: Introduction to Outlook Personal Folders File (.pst)
• Next Post: How to Break Outlook .PST Password