Re: Administrator password unavailable - Small Business Server [solved]
- From: Philip Herlihy <thiswillbounceback@xxxxxxx>
- Date: Sat, 30 Jun 2007 18:11:07 +0100
Philip Herlihy wrote:
> I've just acquired a new client who have (clearly) had very poor service
> from my competitors. Among other problems, we have a Small Business Server which is in the "locked" state, and we have no Administrator password available. Apparently my immediate predecessor is dealing with a grave family illness and has not responded to phonecalls or emails over several weeks.
>
> I'll declare now (as I've declared to my client) that I'm not very familiar with SBS - I'll have to set one up on a test machine and study it as soon as get the chance. The login screen announces itself as "Windows Server 2003 for Small Business Server" so I can't even be sure which version we have.
>
> The office has seven PCs in the domain. In the very limited time I have to look at this problem I've tried logging on as one of the "normal" domain users - this account does not have Administrator status, and it's unlikely that any of the other accounts would have greater privileges. I've tried connecting via Remote Desktop (which has clearly been used in the past) but it appears that only the Administrator account has the necessary privileges. I've also tried logging on remotely via Sysinternals' psexec utility, but this is blocked.
>
> At the moment the server is continuing to provide SQL Server services to a line-of-business application and I've managed to provide them with access from Outlook to a POP3 server but it's clear that this is a disaster looming. I'm assuming that SBS isn't readily "hacked". I do have physical access to the server and could, for example, dismantle it if that would help! The only alternative seems to be to put pressure on my predecessor which everyone is loath to consider.
>
> I'll be grateful for any advice.
>
An update. I've hacked into the server now. I used Knoppix STD and the chntpw utility to blank the Local Admin password, then used the dodge using SRVANY and INSTSRV to set the Domain Admin password to a new value. Now I have full control of the machine. Just goes to show that without physical security, there is no security!
References:
(1) http://www.astahost.com/how-reset-nt-password-using-knoppix-std-t8716.html
-- notes: I did not include the "security" and "system" hives in the chntpw command. The successful run did not require me to reset SYSKEY (whatever that is) and I found that if I repeated the process I got a clear indication that the local admin password was already blank. I also found earlier attempts had "locked" the account, and chntpw allowed me to reset this.
(2) http://www.nobodix.org/seb/win2003_adminpass.html - worked a treat.
You may wonder what took me so long? The server was happily chugging along, we just didn't have access to make any changes! I had occasion to be thankful that I'd taken a disk image, as my first attempt left me with a machine that demanded activation but wouldn't complete the process, despite trying a fresh product key from (helpful) MS support and following all the steps in a phone-assisted activation attempt. Had to restore from the image.
Phew!
Phil, London
.
- Prev by Date: Re: Porno site inhibiting pc
- Next by Date: Re: Standalone USB touchpad to replace mouse?
- Previous by thread: Standalone USB touchpad to replace mouse?
- Index(es):
Relevant Pages
|
