Menu

QA #22 Reset password for Windows local administrator

Question

How reset password for Windows local administrator

Sometimes happen that we have Windows Server without domain where local administrator password is not known. How to process access in that situation? How reset password for Windows local administrator?

Reset Windows Server local account password
Forgotten password to Windows 2016 machine

Answer

Unfortunately from security reasons but fortunately for you, there is possibility to grant access by playing with net user command even if you don’t have access to Operating System. It’s a really old trick to replace Utilman.exe with Cmd.exe using ISO and offline access to OS files.

What is needed? Only one thing: physical access to Windows Server. It can be physical access to server, access to management console such as Dell iDrac, HP iLO, IBM IMM or console access in case of virtual machine.

How reset password for Windows local administrator? Quick description:
  1. Mount ISO with Windows installation disk
  2. Boot from ISO and open cmd
  3. In Windows\System32 type: move Utilman.exe Utilman2.exe and copy Cmd.exe Utilman.exe
  4. Reboot server and open Ease of Access – now will be cmd window
  5. Type net user administrator password123!
  6. Login to OS with administrator account and password which is password123!
How reset password for Windows local administrator? Detailed description:
  1. Make sure that you can restart the server.
  2. Insert Windows installation media or map ISO if server is virtual machine.
  3. Restart server and boot from installation media or ISO.

    Reset Windows Server local account password
    Boot from ISO menu
  4. Go to reparation tools to open Command Prompt.

    Reset Windows Server local account password
    Command Prompt in restoration tools
  5. Go to partition where OS is installed and type cd Windows\System32
  6. Rename Utilman by typing: move Utilman.exe Utilman2.exe
  7. Copy Cmd by typing: copy Cmd.exe Utilman.exe

    Reset Windows Server local account password
    Rename Utilman.exe anc copy cmd.exe as utilman
  8. Reboot server and boot OS normally.
  9. On login screen open Ease of Access, cmd will be open.
  10. Type net user administrator password123! and press enter to change password for administrator account.

    Reset Windows Server local account password
    Cmd instead of Ease of Access
  11. Close cmd window and now you’re able to login using administrator local account.
    Reset Windows Server local account password
    Windows Server 2016 desktop

    See also:

    Find security eBook from Microsoft: https://www.10it.pl/ms-press-free-ebooks/

Windows Security on Microsoft Virtual Academy: https://mva.microsoft.com/en-us/training-courses/windows-security-forensics-14383

Post Navigation

Azure free courses – Sharpen Your Azure Skills

Windows domain administrator account theft is possible

Related Posts:

Upgrade to Windows 10

Upgrade to Windows 10 is still possible and free

How change or remove login credentials in RDCM

QA #23 How change or remove login credentials in RDCM

Spectre CVE-2017-5715 Meltdown CVE-2017-5754. Install Windows Server Patch