Problem Statement: Suppose you have a Windows server, which is very critical and have loads of critical application running but unfortunately the server cannot able to communicate with Active Directory and you cannot able to login to the server with the domain account.
And here come the real fun, due to some rogue employee, he has set some non-standard administrator password you neither know about of it and he is no longer with your organization.
How to solve this issue?
Solution :
1) We require the Windows Server 2012 R2 boot disc (or an ISO file for the virtual environment). Select the language and click next.
2) Click the option “Repair your computer“.
3) Select Troubleshoot – > Advanced Options -> Command Prompt
4) We will now take backup of utility manager executable. At the command prompt enter command as:
move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak “OR”
ren utilman.exe utilman.exe.bak
Note: Windows Installation is now located at D: drive so we would change current drive to D: instead of C:
5) Copy cmd.exe and rename to utilman.exe.
copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe
6) Remove the boot media and reboot the server.
wpeutil reboot
7) Once the server is up and running click on the utility manager icon.
8) The Command prompt will be opened and now we will give the below commands to reset the administrator password.
net user administrator *
9) Once the password is reset close the command prompt and reboot the server. Now try to login with the new administrator password it should allow you to log into.
10) Now we can troubleshoot why the server is not able to communicate to the domain controller and won’t allow accessing from domain account.
11) Once all set we should reset back the utilman.exe.we will again boot the server setup and follow steps 1-5 and then enter.
move /y d:\windows\system32\ utilman.exe.bak d:\windows\system32\ utilman.exe
12) Remove the boot media and reboot the server.
wpeutil reboot
Mayukh Rastogi's Blog 