Monday, September 12, 2011

Use Linux to reset Windows server administrator password

It's possible you might forget your Windows server administrator password or it's locked after you tried too many times. But don't worry, there's a nice tool 'chntpw' which can help you to reset and unlock it. The following example was tested on Windows 2003 server.

1. download the Linux rescue CD - RIP(Recovery Is Possible)

note: to reduce download time. Non-X version is enough.

2. reboot your Windows server with this CD, you might want to choose option 2 to skip keyboard map

3. login as root without password

4. run the following commands to mount Windows 2003 server partition as read-write

cd /mnt

mount -t ntfs-3g /dev/sda1 win -o force (assuming your Windows partition is /dev/sda1, you can use fdisk command to find out)

note: to make sure you mounted Windows partition as read/write, you can try to run command

touch /mnt/win/testfile to confirm it won't give you any error.

cd win/WIN2K03/system32/config

chntpw SAM

then follow the screen instruction

first, answer y to reset/unlock the counters

then enter * to blank password

finally, enter y all the way to finish

5. finishing up

cd /mnt


umount win



1. you can use chntpw SAM -l to list all Windows users

2. use chntpw SAM -u user1 to unlock/reset user1 password

3. (NTFS 3G website)