Forgot password in W2KPRO
| kevkid 2001-04-18, 11:39 am |
| Hello all...
LOL.....My manager forgot his password to log onto a W2KPro standalone PC. Is there a workaround without reinstalling?
Thanks to all........ | |
| kevkid 2001-04-18, 12:01 pm |
| This might sound like a stupid question...but.....if anyone can help. A bunch of us here were just laughing WITH him....not at him. | |
| SasiSan 2001-04-18, 12:09 pm |
| Let me start with I have never tried this which is why I didn't respond to your first post. BUT since you begged
Source: Windows 2000 Magazine, Apr 01, pg 24
Lost Passwords
"People often find themselves locked out of their Windows 2000 or Windows NT systems as a result of a lost password for the Administrator account. Usually people consider the system a lost cause and start rebuilding it. However, you can use the following tip to work around this problem. When Win2K or NT boots, the OS usually displays the Ctrl+Alt+Del screen for approximately 20 minutes before the display changes and the logon box moves around the screen. When this happens, the machine has activated the screensaver logon.scr. If you replace this file with an alternative file (e.g., cmd.exe), the system will run this file under the system account instead of logon.scr. At this point, a user could issue a command such as Net User, usermgr.exe or compmgmt.msc to reset the Administrator password."
Let me know if it works... | |
| kevkid 2001-04-18, 12:14 pm |
| Thanks for your reply.....but...how can I get in and type usrmgr.exe when I don't know the password to log on? Does this have to be done with a boot disk???? | |
| SasiSan 2001-04-18, 12:17 pm |
| Yeap -- and I hope his computer isn't partitioned as NTFS because then you are in for a rebuild... | |
| kevkid 2001-04-18, 12:28 pm |
| I just asked him and .....it is NTFS.
So...I take it that he is S.O.L.
Anyone else want to take a crack at it???
Thanks ..... | |
| kevkid 2001-04-18, 12:45 pm |
| Oh well....I guess that's why they have NTFS.......so people can't get in.
Thanks all...... | |
| Wilbur 2001-04-18, 3:48 pm |
| On a standalone PC, passwords are stored in the SAM (Security Account Manager), but I am not sure if you can edit the file in any way. | |
|
| During the initial Windows 2000 installation, a file called "sam" is put in your WINNT\repair folder.
You need to copy this over your current "sam" file, which is located in WINNT\system32\config. You will have to put the hard drive in another computer running Windows NT/2000 to read the NTFS filesystem.
I'm not entirely sure what password will be used for the administrator account. It might be blank, but will most likely be the one used during installation.
Good luck.
-ben
This is from Microsoft's website:
http://support.microsoft.com/suppor...s/Q239/8/03.ASP
*** If Windows 2000 is installed on a FAT or FAT32 file system: ***
Start the computer using an MS-DOS or a Microsoft Windows 95/98 startup disk.
Copy the original SAM saved during the initial Windows 2000 installation in the %SystemRoot%\Repair folder to the %SystemRoot%\System32\Config folder.
*** If Windows 2000 is installed on an NTFS file system: ***
Either move the drive to another Windows 2000-based computer or perform an additional installation of Windows 2000 (parallel install) to gain access to the NTFS partition.
Copy the SAM in the %SystemRoot%\Repair folder to the %SystemRoot%\System32\Config folder.
NOTE: This method is useful only if you remember the original Administrator password you used during the initial installation of Windows 2000. | |
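
An added example, not part of any post in this thread: an offline integrity check for the two tampering paths described above, the logon.scr replacement from the quoted magazine tip and the repair-folder SAM copied over the live one. It is meant to be run against a drive or image mounted read-only on an analysis machine; the function names are hypothetical, and the SAM comparison is a heuristic that assumes the live SAM has changed since installation.

```python
import hashlib
import sys
from pathlib import Path

def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def find_ci(directory, name):
    """Case-insensitive child lookup; a volume mounted on another OS
    may show WINNT/System32/Config in any mix of case."""
    if directory is None or not directory.is_dir():
        return None
    for entry in directory.iterdir():
        if entry.name.lower() == name.lower():
            return entry
    return None

def audit_offline_install(system_root):
    """Hypothetical helper: return findings for a mounted %SystemRoot% folder."""
    root = Path(system_root)
    findings = []
    sys32 = find_ci(root, "system32")

    # Check 1: logon.scr should be unique; a byte-identical .exe next to it
    # means the screensaver was overwritten with that program.
    scr = find_ci(sys32, "logon.scr")
    if scr is not None:
        scr_hash = sha256(scr)
        for other in sorted(sys32.iterdir()):
            if (other.is_file() and other.suffix.lower() == ".exe"
                    and sha256(other) == scr_hash):
                findings.append(f"logon.scr is a copy of {other.name}")

    # Check 2: the live SAM is expected to diverge from the install-time copy
    # in the repair folder (assumption); identical hashes suggest a copy-back.
    live = find_ci(find_ci(sys32, "config"), "sam")
    backup = find_ci(find_ci(root, "repair"), "sam")
    if live is not None and backup is not None and sha256(live) == sha256(backup):
        findings.append("config/SAM is identical to repair/sam")
    return findings

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: audit.py <mounted %SystemRoot%>")
    for finding in audit_offline_install(sys.argv[1]):
        print("FINDING:", finding)
```
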
|
| Here's a snippet from Technet article Q258289 Windows 2000 Logon Passwords..
"If a user password is lost, forgotten, or unknown, the only method to reset the
password is for the administrator (or a user with administrative access) to log
on and reset the password in Computer Management. There is no method in the
Windows 2000 security model to bypass, disable, or reset the password.
If the administrator password is lost, forgotten, or unknown, access to the
computer may not be obtainable and the operating system may need to be
reinstalled."
I'm not sure the information bbb supplied from Technet article Q239803 will work.
So let me guess...he was logging into the system using only the local Administrator account and forgot the password....(That's like crossing the streams in Ghostbusters...it's a "bad" thing to do.)
If that's the case I think you'll be re-installing Win2k before it's all said and done.
Good Luck to you. | |
| usnretired 2001-04-18, 6:28 pm |
| Just a thought...What about a 2nd installation of Win2k in a different %systemroot% directory (i.e. Winnt1) and then maybe, just maybe, you will have access to the original data. Back it up, format the drive and build the system. Otherwise, what have you got to lose? Anybody else have an idea? | |
| SasiSan 2001-04-18, 8:00 pm |
| If you can get into the files using another computer... You would have to add the drive and then take ownership of the files if it will let you. A local administrator should be able to take ownership... Then you should be able to replace the sam file or do the trick with the Net USER command.
If you install another version of the OS on that machine you are going to have to reinstall all the programs... Might try the first way first... | |
| kevkid 2001-04-19, 7:08 am |
| Thanks to everyone for their replies.......but he reinstalled the OS this morning.
I guess he won't make that mistake twice.......but then again....... | |
| dentonb2000 2001-04-19, 7:35 am |
| Sorry for the late reply, but:
Install Professional in another directory, boot the new installation. Go to the %systemroot% of the broken installation and rename %systemroot%\system32\config\SAM to SAM.old. Reboot to the broken installation and the administrator account has been reset (and all accounts are deleted). | |
| kevkid 2001-04-19, 7:48 am |
| dentonb2000...
Thanks for the workaround. I will keep that bit of information handy. The stuff on his W2KPRO was not that important...he just felt like a dolt. | |
| kevkid 2001-04-19, 7:54 am |
| I told him about your idea and he's going to try it anyway. I'll let you know if it works. | |
| dentonb2000 2001-04-19, 8:02 am |
| Just keep in mind that the security subsystem is basically reset so any permissions and accounts that existed will be gone.
quote: Originally posted by kevkid
I told him about your idea and he's going to try it anyway. I'll let you know if it works.
| |
| kevkid 2001-04-19, 8:50 am |
| That's OK because this PC is at his home....and he really does not use it for work related stuff. | |
| TW2001 2001-04-19, 9:55 am |
| Hey Kev, there are some hacks that will recover/break the admin password. I've used a couple with NT 4. PM me, I will send you a link. | |
| kevkid 2001-04-19, 10:15 am |
| Thanks.....I will. | |
| SasiSan 2001-04-19, 11:42 am |
| TW2001:
I thought about a couple of the hack programs but don't you need to be logged in as an administrator? I have seen them work but only on domains where you are logged in with an account that can edit the registry...
Curious | |
| StormWalker 2001-04-19, 9:51 pm |
| Couple of ways to circumvent the admin password.
1) Boot machine with either a Linux boot disk, or a distribution of Trinux.
(Trinux is a 3 floppy distro of Linux with a number of security tools included)
As you are root on the system you can mount the NT file system and change the admin password. Usually just delete it and leave it as a blank password.
2) If you have a plain user account on the box, and enough rights <grin> you can download and run a command line version of lophtcrack.
Just a couple of thoughts... | |
| dentonb2000 2001-04-20, 6:57 am |
| quote: Originally posted by StormWalker
Couple of ways to circumvent the admin password.
1) Boot machine with either a Linux boot disk, or a distribution of Trinux.
(Trinux is a 3 floppy distro of Linux with a number of security tools included)
How does this work? The NT SAM is a database, not like the flat file used in UNIX where you can just * the password field in the password file and be done with it. Please explain as I could use this.
quote:
As you are root on the system you can mount the NT file system and change the admin password. Usually just delete it and leave it as a blank password.
2) If you have a plain user account on the box, and enough rights <grin> you can download and run a command line version of lophtcrack.
Just a couple of thoughts...
| |
| StormWalker 2001-04-21, 6:27 pm |
| Credit for this goes to Number Syx from 2600 magazine, Winter 1999-1900 issue, page 6. You can get the whole skinny on the procedure there, but in a nutshell you get yourself boot disks for Trinux v0.61 and get the files boot.gz, classic.gz, ntfs.o and rawrite.exe. Boot from the first two Trinux disks, then load ntfs.o, then "mount -t ntfs /dev/hda1 /mnt" <you might have to fool with the drive name to get to the NTFS drive>. Use the last Trinux boot disk. You can then either attempt to reset the Administrator's password or save the SAM to floppy by typing
mount -t msdos /dev/fd0 /floppy. Copy out the SAM and then have at it with l0phtcrack(tm).
This worked for NT 4.0 and W2K test box in lab. <No service packs installed> YMMV, no purchase necessary to enter, void where prohibited, check with your local retailer for details. |