Login to disconnected domain controller

windows-authentication windows-server-2008-r2

I cannot log in to a long-time disconnected domain controller running Server 2008 R2.

I have tried resetting the "local" Administrator password using the following method, but still cannot log in.

http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/

Can someone please help?

Best Answer

If the machine has been disconnected from the network longer than your Active Directory (AD) forest's tombstone lifetime, be sure not to allow the machine to actually replicate with any existing domain controllers (DCs). (You can get the tombstone lifetime by running dsquery * "cn=directory service,cn=windows nt,cn=services,cn=configuration,dc=<forestDN>" -scope base -attr tombstonelifetime, substituting in the DN of your AD forest, obviously).

If you don't have a working password from the AD instance running on the machine, boot it in Directory Services Restore Mode (DSRM) and log on with the password set when the machine was promoted to a DC.

If you don't have the DSRM password you can reset it with any number of third-party utilities (I like http://pogostick.net/~pnh/ntpasswd/, personally).

(There are any number of other "hacks" that will get you onto the machine, but that's how I'd do it, personally.)
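
The tombstone check from the answer, written as a PowerShell function to run on a healthy DC; this is an added example, not part of the original answer. The function name `Test-DcPastTombstone` and the sample date are assumptions made for illustration, and the 60-day fallback is the value AD uses when the attribute is unset.

```powershell
# Added example: run on a healthy, currently replicating DC, not on the stale one.
# Requires the ActiveDirectory module (available on Server 2008 R2 and later).
Import-Module ActiveDirectory

function Test-DcPastTombstone {
    param(
        # Assumption: the operator knows roughly when the stale DC last replicated.
        [Parameter(Mandatory = $true)][datetime]$LastOnline,
        # Optional: name of a healthy DC to query instead of the default one.
        [string]$Server
    )

    $adArgs = @{}
    if ($Server) { $adArgs['Server'] = $Server }

    # Same object the dsquery command reads, located through RootDSE
    # so the forest DN does not have to be typed by hand.
    $configNC = (Get-ADRootDSE @adArgs).configurationNamingContext
    $dsObject = Get-ADObject @adArgs `
        -Identity "CN=Directory Service,CN=Windows NT,CN=Services,$configNC" `
        -Properties tombstoneLifetime

    # Edge case: an unset attribute means the 60-day default is in effect.
    $tsl = $dsObject.tombstoneLifetime
    if ($null -eq $tsl) { $tsl = 60 }

    $daysOffline = [math]::Floor(((Get-Date) - $LastOnline).TotalDays)

    # New-Object keeps this compatible with PowerShell 2.0 on Server 2008 R2.
    New-Object PSObject -Property @{
        TombstoneLifetimeDays = [int]$tsl
        DaysOffline           = [int]$daysOffline
        # Conservative: treat "exactly at the limit" as already past it.
        PastTombstone         = ($daysOffline -ge $tsl)
    }
}

# Constructed sample date, replace with the real last-online date.
$result = Test-DcPastTombstone -LastOnline '2012-01-15'
$result | Format-List

if ($result.PastTombstone) {
    Write-Warning 'DC has been offline longer than the tombstone lifetime: keep it off the network and do not let it replicate.'
}
```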