Re: Locked out of SBS 03

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Chad A. Gross [SBS MVP] (chad.gross_at_laytonflower.nospam.com)
Date: 05/25/04 

Date: Mon, 24 May 2004 20:29:30 -0500

If someone with malicious intent has physical access to your server . . .

. . . it isn't your server anymore

Physical security has to be just as important as complex passwords and every
thing else we do. There are several apps out there that allow you to reset
passwords. I have one I downloaded for free that I keep on a floppy
just-in-case. (Ever been troubleshooting a problem with a client PC and get
to the point where you need to switch it to workgroup mode & rejoin the
domain? Have you done this at a client where it's an older PC you didn't
set up - and you realize *after* you drop the PC down to workgroup mode &
reboot that you didn't think to change the local admin password, and the
client has no idea what it is?) It's just a matter of minutes - boot to the
disk, follow the prompts and reset the admin password to whatever you want .
. .

Nope, without physical security - you have no security . . . 

-- 
Chad A. Gross - SBS MVP
SBS ROCKS!
www.msmvps.com/cgross
www.gosbs.org
Jeff L wrote:
> I am very unhappy to see that!
>
> How do I protect against this type of hack!
>
> "Mike R" <research@rollesolutions.com> wrote in message
> news:O#uEMWdQEHA.3744@TK2MSFTNGP10.phx.gbl...
>> go to www.lostpassword.com and get passware kit. It's expensive but
>> allows you to reset the admin password. Keep it in a safe place so
>> other users can't get to it.
>>
>>
>> "John L" <anonymous@discussions.microsoft.com> wrote in message
>> news:A1BD6AFB-4189-494E-8B28-CA7F24CA0ABF@microsoft.com...
>>> I got a new SBS 2003 server, while doing the intial setup I set a
>>> Admin
>> password, setup my TCP/ip and restarted. After restarting the
>> server, it is not taking the Admin password and is not letting me
>> in. Is there any way I can reset the password or get in?
>>>
>>> I have tried all my domain admin accounts and the administrator
>>> account
>> itself, but its just not letting me in.
>>>
>>> Please Help.
>>> John L

Relevant Pages

  • Re: SBS administrator password clearly compromised by inside attack, h
    ... now on a standalone machine it's no biggie... ... When I attempted to remote connect to the server, ... The server was configured "out of the box" with mobile users for all accounts and only the single admin password. ... a 64b wep key was generated from that password. ...
    (microsoft.public.windows.server.sbs)
  • Re: Builtin administrator password strategy ?
    ... generation in pseudorandom fashion with custom complexity reqs. ... use the local admin accounts unless the machine is not network alive, ... The goal wasn't to keep the password secret from administrators, but to enable you to give out the local admin password for one server without compromising the whole environment. ...
    (microsoft.public.windows.server.active_directory)
  • Re: URGENT - Invoke destructive batch files on login
    ... If you know the admin password and have a workstation with the AD tools ... I'd then create an alternate administrator account and start investigating ... an ex contractor has changed the login password for our SBS2003 ... server, not only that but he has added a batch file to invoke if we ...
    (microsoft.public.windows.server.sbs)
  • Re: Help - administrator locked out!
    ... so I was resigned to having to rebuild the server. ... them - accounts can't log on, password reset disks do not work, administrator ... we normally have a third party do ... Hopefully the local admin password ...
    (microsoft.public.windows.server.general)
  • Re: Lost Domain Administrator Password
    ... I did a google on recovering the admin password and found some resources to ... reset the local admin on the domain controller. ... It does not work on Win2k3 server. ...
    (microsoft.public.win2000.active_directory)