How To reset Windows Server 2008 password

April 22, 2010 - PRLog -- You have just completed installing Windows Server 2008, and you hit the Ctrl+Alt+Delete key and then you were lost, What administator password and username should I used?  Especially that you did not create any during the installation process! In this article, I will show you how to successfully reset to Windows server 2008.

Windows Server 2008 is one of Microsoft Windows' server line of operating systems. Released to manufacturing on February 4, 2008, and officially released on February 27, 2008, it is the successor to Windows Server 2003, released nearly five years earlier. A second release, named Windows Server 2008 R2, was released to manufacturing on July 22, 2009.

The solution is a two stage process. The first stage is preparation and requires the use of PING (Partimage is not ghost) which is a linux environment that can run off of a disc. You need to download the PING image and burn it to a disc before continuing.

Now that you have the disc ready, here are the steps to follow:

1.  Put the disc in your server and boot off of it.  The process to do this differs by server but I am sure you can figure it out (or have done it before).

2. The PING linux environment will load.

3.When the environment is fully loaded, you will receive a “>>” prompt.

4.At the “>>” prompt, type “x” and press the ENTER key.  “x“  will take you to a command shell rather than launching the PING user interface.

6.At the “PING login:” prompt, type in “root” and press the ENTER key.

7.At this ping you should be logged into the PING operating system.  Now we need to run a few shell commands.
Run the following command:  fdisk -l : grep NTFS

8.This command will list all the NTFS partitions.  As best as you can, note the name of the one that contains the Windows directory.

9.Run the following command:  mkdir -p /mnt/windows

10.This command creates a directory called “/mnt/windows” that will be used for mounting the windows partition

11.Run the following command:  mount -t ntfs-3g /dev/sda3 /mnt/windows

12.This command actually performs the mount.  “/dev/sda3″ is the name of the device (from step 7) that holds the windows partition.  This was “sda3″ for me but may vary for you.

13.Run the following command:  cd /mnt/windows/Windows/System32

14.This command changes the current directory to the System32 directory in the Windows partition.  Now that the partition has been mounted, you can consider “/mnt/Windows” as the root drive of your server so “/mnt/windows/Windows/System32″ is the equivalent to “C:WindowsSystem32″.

15.Run the following command:  mv Magnify.exe Magnify.bak

16.This command renames the “Magnify.exe” file, which is in the System32 folder.

17.Run the following command:  cp cmd.exe Magnify.exe

18.This command, the final one, makes a copy of “cmd.exe” and names it “Magnify.exe”.

19.Remove the disc and reboot.

The steps above all make up the first stage, which is really the primary stage.  You see, we can’t really (easily) recover the password.  All the steps above bring you to a point where you will actually be able to bypass authentication all together with something akin to a backdoor.  Now you see why I started by saying that it should only be used for good.

For the second stage, we need to wait until Windows has booted and you are at the login screen.  On this screen you will notice a small icon in the lower left corner of the screen.  This is known as the “Ease of Access” feature, which provides accessibility options.  Click on this icon to bring up the dialog box.  You will notice several different accessibility options, one of them being “Make items on the screen larger (Magnifier)”.  This launches a tool called Magnify.exe which is used to make items on the screen larger.

Yes, I said “Magnify.exe”.  If you remember from the first stage of this solution, we replaced this tool with cmd.exe (which runs a command prompt).  On the “Ease of Access” dialog, select “Make items on the screen larger (Magnifier)” and press the OK button.  As you might expect now, instead of the Magnify tool being launched you are presented with a command prompt.  We have just fully bypasses the Windows Sever 2008 authentication.  You can run almost anything you can think from this command prompt as it is running under the NT AUTHORITY/SYSTEM account.  I ran “explorer.exe” which brought up the task bar.  I then went through the normal options to reset the password on the Administrator account and was able to immediately log in with the new password.

One more time I must stress that this information is only being presented to assist those who find themselves in a situation similar to mine.  Please do not use this information in an attempt to access a system that you should not have access too.

Windows server 2008 Password Recovery Tool: Windows Password Key 8.0
http://www.lostwindowspassword.com

# # #

Windows Password Key 8.0 is considered as the best tool to reset local administrator and user passwords on any Windows system. It creates a password recovery CD/DVD, USB Flash Drive for home, business and enterprise. And most of all, it's the most popular and safe solution for resetting your Windows password until now.

No need to call a technician, no need to re-install anything, and you certainly don't need to reformat.