All Windows computers have local users. Many administrators believe that the Domain Controllers (DC) do not, but the reality is that this is an error. DCs have a SAM database to store user password Administrator. When you install a DC with dcpromo, during the promotion process requesting the password for this user. Although it is rarely used, sometimes we need to start a CD with this user, for example when you are performing an off line defrag of the AD database. The main drawback is that many forget the password for this user, which can not be reset as the password of the other local users of computers that are not DC, and you can not use ADUC it is not a domain user.
The only way is through a command line utility called Ntdsutil. " The steps follow are:
1-Open a CMD console
2-Run ntdsutil "
3-Enter" set DSRM password "to indicate you want to change the password of DSRM (Directory Service Restore Mode)
4-State that we running the command "reset password on server null" in the user's server. Replacing "server null" with the name of another DC, can reset the password on a remote DC.
5-Type in the new password and confirmation
6-Exit the utility to "Quit"
2-Run ntdsutil "
3-Enter" set DSRM password "to indicate you want to change the password of DSRM (Directory Service Restore Mode)
4-State that we running the command "reset password on server null" in the user's server. Replacing "server null" with the name of another DC, can reset the password on a remote DC.
5-Type in the new password and confirmation
6-Exit the utility to "Quit"
0 comments:
Post a Comment