Can’t log in to Windows Server 2012 after removing AD DS

active-directorywindows-server-2012-r2

As title says, I just demoted my domain controller on my Windows Server 2012. I followed this guide in doing so:

How to demote a Domain Controller in Windows Server 2012 (AD DS) | blogs.interfacett.com

But upon reboot, I can't log in using Remote Desktop with my credentials. I've tried my old and new credentials and neither work. I've even plugged a keyboard and monitor into the server, and I can't log in with my old/new password there either.

I don't want to have to reset the whole server, is there any way I could find out what the password might have been set to?

I have tried to input a blank password also.

Best Answer

the simplest way is to reset the administrator password.

You will find many way googling it.

This one should work (I even used it to reset a domain administrator password in a lab) :

Instructions

To reset the password on your Windows 2012 server, simply complete the following steps:

Boot from the Micrsoft Windows Server 2012 DVD

From the Windows Setup menu, click “Next”.

Select “Repair your computer”

Under Choose and option, click on “Troubleshoot”.

Under Advanced options, click “Command Prompt”.

At the command prompt, run the following commands:

 d:
 cd windows\system32
 ren Utilman.exe Utilman.exe.old
 copy cmd.exe Utilman.exe

Close the command prompt and then click “Continue”.

The server should now boot and present the logon screen.

Here click Windows Key + U.

At the prompt you can now change the password, by typing the following command:

net user administrator Password123

This will set the password for the Administrator user to be Password123 (case sensitive).

Closing the command prompt, you should now be able to log back onto the server using the password you have provided in the last step.

Cleanup Steps

Once you have verified you can log on to the server you will have repeat the steps above and boot using the Windows Server 2008 DVD/ISO and run the command prompt again.

Restart your server and once again, boot from the Micrsoft Windows Server 2012 DVD From the Windows Setup menu, click “Next”. Select “Repair your computer” Under Choose and option, click on “Troubleshoot”. Under Advanced options, click “Command Prompt”. At the command prompt, run the following commands: d: cd windows\system32 ren utilman.exe utilman.exe.new copy utilman.exe.old utilman.exe

Close the command prompt and then click “Continue”.

You should be back up and running as if nothing ever happened.

Related Solutions

Cannot log onto Domain after demotion of primary DC

After connecting to this machine and trying to help out, I found two problems:

The first with regards to the DNS issues. This was just down to the fact that no reverse lookup zone was created. I created this and it was able to resolve the server via IP just fine.

As for non-existent domain, I am unsure where this was seen. Typing the domain name worked fine.

As for the more serious issue of users not being able to log in, it turned out to be rather simple - I checked the event log and it turned out that as it said, the GC was malfunctioning. After some more tests, I discovered that the SysVol folder was not being shared. I checked the basic NTFS settings, followed by sharing it and all machines now appear to be able to log in just fine.

There still seems to be a few issues that just shouldn't be there, and I think reinstall AD from scratch may just be the safest solution - but, the most important thing is that it appears to be working for now and the main errors have been dealt with.

Can’t activate Windows Server 2012 r2

Try an SKUUPGRADE - the eval issue can as such not be activated.

To determine the installed edition, run:

DISM /online /Get-CurrentEdition

To check the possible target editions, run:

DISM /online /Get-TargetEditions

Finally, to initiate an upgrade, run:

DISM /online /Set-Edition:<edition> /ProductKey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX

is how it works. See whether you can change from eval to standard.

But you may be out of luck - and then you may need a reinstallation.

But if it works then you MAY be lucky - if the VLK is not requiring a totally different version.

There is a reason we normally avoid installing eval versions for production.

Note to all voters to close: This is not a LEGAL advice - the poster asks about a technical implementation issue which is ok according to the board. Technically he does not ask about LICENSING (terms etc. - legal issue and VERY complicated) but how to activate his key (technical issue), and we do handle those here. Heck, for some parts of windows there are hugh guidelines for the technical side...

Best Answer

Related Solutions

Cannot log onto Domain after demotion of primary DC

Can’t activate Windows Server 2012 r2

Related Topic