Forgot the Administrator password

Forgot the Administrator password - Alternate Method - The LOGON.SCR trick

This is another trick that will easily work in Windows NT 4.0 and some versions of Windows 2000. The principal is that you need to install a second instance of your OS to your HD, then manipulate the default screen saver (the one that's used if you don't move your mouse while the CTRL-ALT-DEL box appears) for the original OS.

For free 3rd party tools read Forgot the Administrator's Password?.

Update: You can also discuss these topics on the dedicated Petri.co.il Forgot Admin

Password Forum.

Windows Server 2003 Domain Admin password

This tip will NOT work for Windows Server 2003. This is because of changes in the service

account with which the process runs. In Windows 2000 it was run in the Local SYSTEM

account (LSA) privileges, while in Windows Server 2003 it is run with the LOCAL SERVICE

account, thus resulting in far less privileges than it used to have in W2K and NT 4.0. The

reason 2 new account have been introduced in 2003 is that SYSTEM Account has way too

many power over the system and the system could be compromised by exploiting almost

any system service. The Microsoft's solution was to introduce 2 less powerful accounts

(LOCAL SERVICE and NETWORK SERVICE) and make some services run in the context

of those accounts instead of LSA.

To successfully reset the Domain Admin password on Windows Server 2003 Active

Directory please read the Forgot the Administrator's Password? - Reset Domain Admin

Password in Windows Server 2003 AD page.

Windows 2000 Domain Admin password

To successfully reset the Domain Admin password on Windows 2000 Active Directory

please read the Forgot the Administrator's Password? - Reset Domain Admin Password in

Windows 2000 AD page.

The LOGON.SCR trick

Please purchase PDFcamp Printer on http://www.verypdf.com/ to remove this watermark.

http://www.verypdf.com/

To successfully reset the local administrator's password on Windows NT and some versions of Windows 2000 follow these steps:

1. Install an alternate copy of Windows NT or Windows 2000.

You must install this instance of NT/2000 on a different folder than WINNT, otherwise you'll end up with the same bad situation. Use ALTWINNT for example.

It is best that you install the alternate instance of the OS into a different partition than the one you have your original installation. You'll delete this folder anyway, and it's best that you just format that partition after you're done. Formatting the partition will be much easier than deleting individual files and folders.

Also, if you lost your password on NT - install a new instance of NT, not Windows 2000, as doing so will ruin your old NT installation (because of the difference between the NTFS versions). Same goes for W2K, XP and Windows Server 2003. Always install the same OS.

Note: On Windows NT 4.0 machines that were installed out-of-the-box you do not have to install a fresh copy if you still have access as a regular user to the system. E.g. if you can log-on as a regular, non-administrator user, you can still manipulate the file's permissions. This is simply because NT's default permissions are set for Everyone - Full Control. This is not true on W2K/XP/2003 machines. Another note: Reader Mike wrote:

In the article you mention installing the OS on top of the existing OS to do

the logon screensaver manipulation.

I wanted to mention that this can also be accomplished by removing the

hard drive, placing it as a slave on another computer (XP and W2K play

nicely) and then accessing the file system. Of course you need a second

computer, but for some folks it may be an easier solution.

Thanks,

Mike

That's correct, and it will work for you unless you converted the disk to a dynamic disk, on

the original OS. In that case you will no longer be able to boot the old OS, even if you do

manage to access the files from the other computer.



2. Boot the alternate install. 3. Use Control Panel/System/Startup (for NT) or Control

Panel/System/Advanced/Startup and Recovery for W2K to change the default boot instance back to your original install.

Lamer note: If you don't do that you'll end up booting into the alternate installation next time you turn on your computer. You don't want that, do you?

4. Open Explorer. Browse to your original Windows NT/2000 folder, navigate to the %systemroot%\System32 sub-folder.

Lamer note: %systemroot% is a system variable used to point to the folder where NT/2000 is installed, usually \WINNT in NT/2000, or \WINDOWS in XP/2003.

5. Save a copy of LOGON.SCR, the default logon screen saver, anywhere you like. Just remember where you've placed it. You can also just rename the file to something you'll remember later, I user LOGON.SC1.

Lamer note: To rename a file use the REN command in the Command Prompt window, or just select the file in Windows Explorer and press F2.

6. Delete the original LOGON.SCR from the %systemroot%\System32 sub-folder. It is not necessary to delete the file if you renamed it, you can leave it there.

Note: You might not be able to delete the LOGON.SCR file because of permission settings. Regular users can only read and execute the file, not delete it. If that is the case (and it is in W2K, XP and Windows Server 2003) then you need to take ownership of the file and give the EVERYONE group FULL CONTROL permissions.

Lamer note: In order to take ownership of a file right-click it, select Properties, select the Security tab, click Advanced, and then click on the Owner tab. Select one of the users found in the list, click ok all the way out.

In order to change the LOGON.SCR permissions follow the previous instructions, in the Security tab click Add and browse to the Everyone group. Add it and make sure you give it Full Control. Click Ok all the way out.

7. Make a copy CMD.EXE in the %systemroot%\System32 sub-folder. CMD.EXE is located in %systemroot%\system32.



Lamer note: In order to copy a file via GUI, select the file, right-click and chose Copy, then go to the destination folder, right click the folder name and select Paste. You can also use the keyboard by typing CTRL-C to Copy, CTRL-V to Paste.

8. Rename the copy of CMD.EXE to LOGON.SCR.

Lamer note: See step #5.

9. Shutdown and restart your computer. Boot into the original install. 10. Wait for the logon screen saver to initiate - around 15 minutes. Oh, and

no, do NOT move your mouse while you wait, duh...

After the screensaver is initiated, instead of running the normal LOGON.SRC actual screensaver, it will run the renamed CMD.EXE file (which is now called LOGON.SCR), and will actually open a CMD prompt in the context of the local system account.

In step #7 you could have used EXPLORER.EXE instead of CMD.EXE, and in that case a My Computer window will pop up.

Note: As noted earlier on this page, there is a way to make the wait time shorter, but you'll need to dig into the Registry for that.

11. Open the CMD.EXE prompt (it should already be opened if you've used CMD.EXE in step #7) and type:

net user administrator 123456

This will reset the local administrator (or domain admin if you are doing this trick on a DC) password to 123456.

Lamer note: You can, of course, use ANY password you want...

12. Delete the LOGON.SCR from %systemroot%\System32. 13. Rename the saved default screen saver from step 5 back to LOGON.SCR. 14. If you wish to remove the alternate install:

• Delete its' folder. • ATTRIB -R -S -H c:\BOOT.INI • Edit c:\BOOT.INI and remove the alternate install's entries.

If you've used a different partition to install the alternate install then now you can simply delete or format that partition if you don't need it anymore, plus edit c:\BOOT.INI and remove the alternate installation entries.



This trick has been tested a zillion times. Don't bother to tell me it doesn't work, it does (for Windows NT and some versions of Windows 2000), and that's a fact.

Related articles You may find these related articles of interest to you:

• Change Recovery Console Password • Change User Password from a Remote Computer • Change User Password from the Command Prompt • Forgot the Administrator's Password? • Forgot the Administrator's Password? - Reset Domain Admin Password in Windows

2000 AD • Forgot the Administrator's Password? - Reset Domain Admin Password in Windows

Server 2003 AD • Recover Protected Office Documents • What's the Password Reset Disk in Windows XP?

How can I gain access to a Windows NT/2000/XP/2003 computer if I forgot the administrator's password? How can I reset the administrator's password if I forgot it?

Ok, so you say you forgot your Windows administrator's password, huh? Oh well, it doesn't really matter if you did or you just say you did. The fact is that you need to gain access to a computer and you cannot "remember" the administrator's password.

How can you get out of this situation without formatting and re-installing the operating system?

One method of gaining access to the system is by trying hard to remember the forgotten

password, or a password of another user which has the same level of administrative rights.

However I don't think this approach will help you, otherwise you wouldn't be sitting here reading article, would you?)

Another method is by trying to restore a backed up System State (in Windows 2000/XP/2003) or a ERD (in NT 4.0) in which you do remember the password. The problem with doing so is that you'll probably lose all of the recently add users and groups, and all the changed passwords for all of your users since the



last backup was made.

A third method might be to install a parallel operating system on a different partition on the

same computer, then use a simple trick to gain access to the old system. Read more about it

on my Forgot the Administrator's Password? - Alternate Logon Trick article.

Note: If you are looking for password cracking tools that can be used for miscellaneous objectives such as password-protected PDF documents, zipped archives, Office documents, BIOS protection and so on then this pages is NOT for you. See some links at the bottom of this page for hints on where to find such tools, but I can tell you right away that Google might be a better choice for you.

The fourth option is by using 3rd party tools that will enable you to reset the lost password

and logon with a blank password.

Update: You can also discuss these topics on the dedicated Petri.co.il Forgot Admin

Password Forum.

Translations of this article

There are some translations made of this article. Here are the ones I am aware of (do tell me

if you know of another, or if you want to create one in your language):

• Portuguese - HERE is an excellent translation of this article into Portuguese (by

Bruno Koga - Thanks!) • Serbian - HERE (by Aleksandar Stojilkovic - thanks!) • Spanish - HERE (by Victor Pereyra - thanks!)

Free Tools

Here are some of these tools: Free Windows password-cracking tools are usually Linux boot disks that have NT file system (NTFS) drivers and software that will read the registry and rewrite the password hashes for any account including the Administrators. This process requires physical access to the console and an available floppy drive but it works like a charm! I've done it myself several times with no glitch or problem whatsoever. Beware!!! Resetting a user's or administrator's password on some systems (like Windows

XP) might cause data loss, especially EFS-encrypted files and saved passwords from within

Internet Explorer. To protect yourself against EFS-encrypted files loss you should always

export your Private and Public key, along with the keys for the Recovery Agent user. Please



read more about EFS on my What's EFS? page. Out of the following list, the only tool that

will no cause any harm to EFS-encrypted files on your hard disk is the Windows Password

recovery system. Here are 5 of these free tools:

1. Windows Password recovery - Can retrieve forgotten admin and users' passwords in

minutes. Safest possible option, does not write anything to hard drive. 2. Petter Nordahl-Hagen's Offline NT Password & Registry Editor - A great

boot CD/Floppy that can reset the local administrator's password. 3. Openwall's John the Ripper - Good boot floppy with cracking capabilities. 4. EBCD – Emergency Boot CD - Bootable CD, intended for system recovery

in the case of software or hardware faults. 5. Austrumi - Bootable CD for recovering passwords and other cool tools.

If you happen to know about other free tools please let me know . Note: These password resetting tools are usually good for local users on a stand alone

computer. For Domain Admin password resetting procedures please see the Related

Articles section at the bottom of this page. Note: I'd like to put together all the info you have about these issues. If you have any tips, recommended links or any ideas about how to figure out a lost password - please e-mail me and I'll get back to you .

Windows Password recovery

http://www.loginrecovery.com This site provides a tool to recover lost Windows XP passwords. It works for administrator and user accounts, it doesn't change the password just tells you the old one. It works with encrypted files (EFS) and password hashes. It even works if no passwords at all are known for the machine (as long as you have another computer with internet access to view this website with). Author claims it also works with Windows NT and Windows Server 2003 and Windows Longhorn, but the BEST thing about it is the fact that it won't reset your passwords, but simply reveal them for you to remember and then use. Give it a try. The author would like to receive feedback. There is a free service as well as a priority service that will retrieve your passwords within minutes. The fee for the priority service is very cheap, and is really just to cover server costs. Note: You'll need a blank floppy to run the process. Update: Author now offers the same tool as a CD image for those of you who do not have a floppy in their computer. Usage, instructions and additional information can be found at http://www.loginrecovery.com

Offline NT Password & Registry Editor (v050303)



http://www.loginrecovery.com

http://www.loginrecovery.com

Petter Nordahl-Hagen has written a Windows NT/2000/XP offline password editor: http://home.eunet.no/~pnordahl/ntpasswd

• This is a utility to (re)set the password of any user that has a valid (local) account on your Windows NT/2000/XP/2003 system, by modifying the encrypted password in the registry's SAM file.

• You do not need to know the old password to set a new one. • It works offline, that is, you have to shutdown your computer and boot

off a floppy disk or CD. The boot-disk includes stuff to access NTFS partitions and scripts to glue the whole thing together.

• Works with syskey (no need to turn it off, but you can if you have lost the key)

• Will detect and offer to unlock locked or disabled out user accounts!

Caution: If used on users that have EFS encrypted files, and the system is XP or later service packs on W2K, all encrypted files for that user will be UNREADABLE! and cannot be recovered unless you remember the old password again! Download links:

• bd050303.zip (~1.1MB) - Bootdisk image, date 050303. • cd050303.zip (~3MB) - Bootable CD image with same version and drivers

as floppies above • sc050303.zip(~1.4MB) - SCSI-drivers (050303) (only use newest drivers

with newest bootdisk, this one works with bd050303)

To write these images to a floppy disk you'll need RawWrite2 which is included in the Bootdisk image download. To create the CD you just need to use your favorite CD burning program and burn the .ISO file to CD. Support and Problems? Don't call me! Talk to the creator of this great tool. He also has a good FAQ set up covering most of the day-to-day questions. Read it right HERE Author claims that this tool was successfully tested on NT 3.51, NT 4, Windows 2000

(except datacenter), Windows XP (all versions) and Window Server 2003. Notice that it is NOT compatible with Active Directory. Need to change Windows NT/2000 Domain Admin password? This tool, however useful, will only reset the local administrator's password (e.g. the one found in the local computer's SAM). To reset a password of a domain administrator (or any other user for that matter) you must perform the routine that is described in the following page: Forgot the Administrator's Password? - Reset Domain Admin Password in Windows 2000 AD. Note: The above trick will probably not work under Windows Server 2003 due to service

account security changes. To work around these limitations please read the Forgot the

Administrator's Password? - Reset Domain Admin Password in Windows Server 2003 AD

page.



http://home.eunet.no/

John the Ripper (v1.6)

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP LM hashes, plus several more with contributed patches. Read more at http://www.openwall.com/john Download links: John the Ripper 1.6 (768kb)

EBCD – Emergency Boot CD (v0.60)

EBCD is a bootable CD, intended for system recovery in the case of software or hardware faults. It is able to create backup copies of normally working system and restore system to saved state. It contains the best system software ever created, properly compiled and configured for the maximum efficient use. EBCD will be very useful when you need to:

• Copy/move files (with long names, not necessary in CP437 encoding) from/to the disk but OS which can handle them (windows, Linux...) cannot boot. In particular, you may create a backup copy of normally installed and configured Windows and later restore Windows from such backup copy. So, in the case of fault OS itself and all software and its settings can be restored in 5-10 minutes.

• Perform emergency boot of Windows NT / 2000 / XP. When the loader of this OS on the hard disk is damaged or misconfigured, you are able to load OS using another, standalone loader from this CD.

• Recover master boot record of HDD. This allows to boot OS after incorrect uninstallation of custom loader (LILO, for example), which made all OS on your PC not bootable.

• Delete, move, copy to file (image) and re-create partition from file. Image transfer over network is also supported: so you may configure one PC and then make contents of hard disks of other PCs same as contents of the hard disk of the first one.

• Change password of any user, including administrator of Windows NT/2000/XP OS. You do not need to know the old password.

• Recover deleted file, even file re-deleted from Windows Recycle Bin, and, in contrast, wipe single file or a whole disk so that it will be impossible to recover it in any way.

• Recover data from accidentally formatted disk. Sometimes it helps to recover data from the disk, damaged by a virus.

• Recover data from a floppy disk, which is not readable by OS. Format 3.5" disk for 1.7 Mb size.

Also the disk includes full set of external DOS commands, console versions of the most popular archivers/compressors. Moreover, emergency boot CD includes minimal Linux distribution (Rescue Linux distribution) which may be very useful to a professional user.



http://www.openwall.com/john

Read more at http://ebcd.pcministry.com Download links: EBCD Pro distribution (18mb) More download links: HERE, HERE, HERE, HERE and HERE. One of them has got to work,

and if not, please send me a note.

Austrumi (v0.9.2 - December 2004)

Austrumi is a Linux bootable ISO image for recovering NT passwords and other cool tools

and methods, sized for Business Card size CD media (50Mb). It allows you to change any

password, including that of the Administrator, on a partition occupied by Windows NT,

Windows 2000 or Windows XP. Simply boot the CD and when you get to the initial boot

prompt, type:

boot: nt_pass

This will launch a console utility that will detect Windows partitions on the hard disk and

provide you with a menu to modify any user or Administrator passwords on the Windows

system. It will even give access to the Windows registry for recovery purposes. Quite a

handy utility to keep in your wallet (AUSTRUMI is small enough to fit on a business card-size

CD) if you are unfortunate enough to having to deal with Windows machines in your line of

work. Read more at http://sourceforge.net/projects/austrumi Download links: Austrumi v0.9.2 (ISO file, 50.9mb)


• Change Recovery Console Password • Change User Password from a Remote Computer • Change User Password from the Command Prompt • Forgot the Administrator's Password? - Alternate Logon Trick • Forgot the Administrator's Password? - Reset Domain Admin Password in Windows

2000 AD • Forgot the Administrator's Password? - Reset Domain Admin Password in Windows

Server 2003 AD • Recover Protected Office Documents



http://ebcd.pcministry.com

http://sourceforge.net/projects/austrumi

• What's the Password Reset Disk in Windows XP?

New:

• You can also discuss these topics on the dedicated Petri.co.il Forgot Admin

Password Forum.

Links Changing the Administrator password if you have forgotten it (Windows NT 4.0 only) Lost your Administrator password and need the ultimate hack? (Windows NT 4.0 only) Recover Lost Windows NT Administrator Password Password Recovery Resources

Available Tools Active Directory Replication Monitor: This utility graphically displays the replication topology of connections between servers on the same site. Active Directory Schema Manager: The Schema Manager is a Microsoft Management Console (MMC) snap-in that allows you to view, modify, and extend the Active Directory schema. Adsizer: Active Directory Sizer - Estimates the hardware required for deploying Active Directory in an organization. ADSI Edit: ADSI Edit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for the Active Directory. Add Users: This 32-bit administrative tool for Windows 2000 uses a comma-delimited file to create, write, and delete user accounts. Add Users to a Group: The UsrToGrp tool adds users to a local or global group according to information in a user-specified input text file. AuditPol: AuditPol is a command-line tool that enables the user to modify the audit policy of the local computer or of any remote computer. AutoExNT Service: AutoExNT Service allows you to start a batch file, Autoexnt.bat, at boot time without having to log onto the computer on which it will run. Apimon: API Monitor - Monitors the API calls made by a process. Appsec: Application Security Hotfix - Sets user permissions on a file-by-file basis to lock down accessible applications. Associate: This command-line tool enables you to register or unregister a file name extension with the registry. Batch File Wait: Sleep causes the computer to wait for a specified amount of time. Browser Monitor: Browser Monitor is a GUI tool that monitors the status of browsers on selected domains. Browsers are shown on a per-domain and per-



transport basis. Browser Status: BrowStat is a general purpose, character-based browser diagnostic tool. Use BrowStat to find out whether a browser is running and to find active Microsoft Windows for Workgroups (WFW) browsers in Windows 2000 and Windows NT domains. ChgPrint: Change Printer Utility - This tool assists network-administrators in managing printer shares. mains. Clipstor: This GUI tool manages multiple Clipboard text buffers. It allows you to retrieve text from the Clipboard and store it in one of its buffers, and paste any of its buffers to the Clipboard, with your mouse. Clusrest: Cluster Quorum Restore Utility - Restores the quorum disk of a cluster, which is not done by a restore process using NtBackup. CompReg: A Win32 character-based/command-line "Registry DIFF" that enables you to compare any two local or remote registry keys in Windows 2000, Windows NT, and Windows 95/98. Ctrlist: Counter List - Lists all objects and counters installed in the system for the given language ID. Cluster Verification Utility - Verifies that two-node cluster systems are set up properly. CustCon: Console Key Customizer - Custcon.exe is a Windows 2000 GUI tool that is used to customize the extended line editing keys when using Cmd.exe (Ntconsole). To enable new key settings, click the "Use Extended Edit Keys" checkbox. Defptr: Default Printer - Using this tool you can easily change your default printer, switching between available network or local printers. Delprof: User Profile Deletion Utility - This tool deletes user profiles on computers running Windows 2000. Delrp: Delete File and Reparse Points - Deletes a file or directory and any associated NTFS reparse points. Delsrv - Unregisters a service with the service control manager. Dependency Walker: Dependency Walker is a graphical Win32 development tool that scans any Win32 module (.exe, .dll, .ocx, .cpl, .scr, and .sys, among others) and builds a hierarchical tree diagram of all dependent modules. Dflayout: Compound File Layout User Tool - This layout tool for document files enables you to optimize compound files for improved performance over low-bandwidth networks, such as the Internet. DH: Display Heap - Displays information about heap usage in a user-mode process or pool usage in kernel-mode memory. DHCPCMD: DHCP Administrator's Tool - This command-line tool provides an auxiliary method of administering Dynamic Host Configuration Protocol (DHCP) servers. Dhcpexim: DHCP Database Export Import Tool - Exports a DHCP database and server configuration from a server running Windows NT 4.0 Server or Windows 2000 Server for import into a destination DHCP server running Windows 2000. DHCPLOC: DHCP Server Locator Utility - DHCP Server Locator Utility displays the DHCP servers active on the subnet. If it detects any unauthorized DHCP servers, it beeps and sends out alert messages. DHCPOBJS: DHCP Objects - DHCP Objects allows you to automate DHCP Server configuration. It also provides enhanced capabilites over the Dhcpcmd tool, such as the ability to remove a DHCP lease. Diruse: Directory Disk Usage - Displays information about a disk and the contents of its partition table.



DSACLS: This tool facilitates management of access-control lists for directory services. DSASTAT: This diagnostic tool compares and detects differences between naming contexts on domain controllers. Diskmap: Displays information about a disk and the contents of its partition table. Diskpart: Diskpart Command Line Utility - Enables storage configuration from a script, remote session, or other command prompt. DiskProbe: DiskProbe is a sector editor for Windows 2000. It allows a user with local Administrator rights to directly edit, save and copy data on the physical hard drive that is not accessible in any other way. DiskUse: DiskUse is a command-line tool that scans directories on a hard disk and reports on space used by each user. Dmdiag: Disk Manager Diagnostics - Saves disk volume configuration to a text file and writes a signature to a disk partition. DNSCMD: DNS Server Troubleshooting Tool - Dnscmd.exe is a command line tool designed to assist administrators in DNS management. DomMon: Domain Monitor - Domain Monitor monitors the status of servers in a domain and the secure channel status to the domain controller and to domain controllers in trusted domains. Drivers: List Loaded Drivers - Displays information on installed device drivers, their files, and their code. Drmapsrv: Drive Share Hotfix - Automatically configures NET SHARE and NET USE client drives for Terminal Services server access. Note: This download includes only the hotfix for the utility, not the tool itself. Dumpel: Dump Event Log - Dumps an event log to a tab-separated text file. Dumpfsmos.cmd: Dump FSMO Roles - Dumps the Flexible Single Master Operations roles. Dureg: Registry Size Estimator - Shows how much data is stored in the registry, or in any registry subtree, key, or subkey. DxDiag: DirectX Diagnostic Tool - This tool presents information about the components and drivers of the Microsoft DirectX application programming interface installed on your system. Efsinfo: Encrypting File System Information - Displays information about encrypted files on NTFS partitions. Exctrlst: Extensible Performance Counter List - Displays information on extensible performance counter DLLs installed on a computer. Extract.exe: Extract Cabinet - Extracts files from cabinet (.cab) files. ExeType: Finding the Executable Type - ExeType is a command-line application that identifies the operating system environment and processor required to run a particular executable file. Expand: File Expansion Utility - This command-line tool enables you to expand files that have been compressed by Compress.exe . FAZAM 2000: Reduced-Functionality Version - Extends Group Policy management functionality of Windows 2000. File Compress: This command-line tool can compress one or more files. FileVer: This command-line tool examines the version resource structure of a file or a directory of files on either a local or remote computer and displays information on the versions of executable files such as .exe files and dynamic-link libraries DLLs. FindGrp: Find Group - This tool finds all direct and indirect group memberships for a specified user in a domain.



FlopLock: Lock Floppy Disk Drives - FloppyLock is a service that controls access to the floppy drives of a computer. ForFiles: This command-line tool can be used in a batch file to select files in a folder or tree for batch processing. FreeDisk: This command-line tool checks a disk drive for free space, returning a 0 if the specified amount of free space is available and a 1 if it is not. FtEdit: FT Registry Information Editor - FTEdit is a GUI tool that allows you to create, edit, and delete fault tolerance sets for disk drives and partitions of local and remote computers. GetFlags: Global Flags Editor - GFlags is a GUI tool that enables a developer or system administrator to edit the NtGlobalFlag settings for Windows 2000. Getmac: GetMAC - Gets a computer's MAC (Ethernet) layer address and binding order. Getsid: Get Security ID - Compares the security IDs of two user accounts. GetType: GetType.exe is a command-line tool that allows you to detect what type of Windows software (workstation, server or domain controller) is installed on a computer. Global: This command-line tool displays members of global groups on remote servers or domains. GrpCpy: Group Copy - This GUI tool enables users to copy the usernames in an existing group to another group in the same or another domain or on a computer running Windows 2000. Gpotool: Group Policy Verification Tool - Allows administrators to check Group Policy object integrity and monitor policy replication. Gpresult: Group Policy Results - Displays information about the result Group Policy has had on the current computer and logged-on user. Guid2obj: GUID to Object - Maps a GUID to a distinguished name. Heapmon: Enables user to view system heap information. Hlscan: Hard link display tool - Displays hard links on an NTFS volume or in specified files or directories of the volume. Ifmember: Checks whether the current user is a member of a specified group. IIS Migration Wizard: Migrates Web server configuration settings. Installation Monitor: Tracks changes made by setup programs in the registry, .INI files, and other child processes. IntBind: Interrupt Affinity Tool - The Interrupt Affinity Tool is used on multiprocessor systems to affinitize interrupts of disk or network adapters to one or more processors. Inuse: File-In-Use Replace Utility - Performs on-the-fly replacement of files currently in use by the operating system. Ipsecpol: Internet Protocol Security Policies Tool - Configures Internet Protocol Security (IPSec) policies in the Directory Service, or in a local or remote registry. Kerbtray: Kerberos Tray - Displays ticket information for a given computer running the Kerberos protocol. KernProf: Kernel Profiler - This command-line tool provides counters for and profiles of various functions of the Windows 2000 kernel. Kill: Task Killing Utility - Use this command-line tool to end one or more tasks or processes. Use TLIST to find out the PID. Klist: Kerberos List - Views and deletes the Kerberos tickets granted to the current logon session. KSetup: Kerberos Setup - KSetup is a command-line tool for configuring Windows 2000 Professional to use an MIT-based Kerberos realm instead of a Windows 2000 domain.



KTPass: Kerberos Keytab Setup - KtPass is a configuration tool for MIT Kerberos interoperability that allows an Administrator to configure a non-Windows 2000 Kerberos service as a security principal in the Windows 2000 Active Directory. Leakyapp: This GUI testing tool appropriates system memory to see how other applications or the system as a whole runs in low-memory situations. LDP: Active Directory Administration Tool - Ldp is a graphical tool that allows users to perform Lightweight Directory Access Protocol (LDAP) operations, such as connect, bind, search, modify, add, and delete, against any LDAP-compatible directory, such as the Active Directory. Link Check Wizard: Link Check Wizard scans all of the link (shortcut) files on your system, and checks to see if the shortcut points to an existing application or document. LINKD: This command-line tool links an NTFS directory to a target object. LIST: Text Display and Search Tool - This simple text display and search tool lists the contents of a file. Unlike other text display tools, List is a good tool for looking at large text or log files because it does not read the whole file into memory when you open it. LOCAL: This command-line tool displays members of local groups on remote servers or domains. LogEvent: Event Logging Utility - This tool enables you to make entries to the Event Log on either a local or remote computer from the command prompt or a batch file. LogOff: The LogOff tool is used to log a user off from the command prompt. LogTime: This command-line tool logs the start or finish of command-line programs from a batch file. This can be useful for timing and tracking batch jobs such as mail-address imports. MemSnap: Memory Profiling Tool - This memory profiling tool takes a snapshot of the memory resources being consumed by all running processes and writes this information to a log file. MoveTree: Active Directory Object Manager - Movetree.exe is a command line tool that allows administrators to move Active Directory objects such as organizational units, users or computers between domains in a single forest. MUNGE: This command-line tool provides a convenient way to search for and replace strings in a file or files. NETAFX: Network Configuration Tool - This tool can be used to configure a variety of network parameters from the command prompt. NetCons: Net Connections - This GUI tool monitors and displays current net connections, taking the place of the Windows command-line command net use. NetCmd: NetCmd.exe is a command-line tool that opens a command prompt. It automatically maps a UNC path to a drive letter. You can point to any folder in Windows Explorer (or any common file dialog) and open up a command prompt at that location. Netdiag: Network Connectivity Tester - Helps isolate networking and connectivity problems. NetDom: Windows 2000 Domain Manager - This tool enables administrators to manage Windows 2000 domains and trust relationships from the command line. Netsvc: Command-line Service Controller - You can use NetSvc to remotely start, stop, and query the status of services from the command line. NetWatch - Net Watch shows which users are connected to shared folders. It also enables you to disconnect users and un-share folders. It can now simultaneously monitor multiple computers. NLMon: This command-line tool can be used to list and test many aspects of



trust relationships. NLTest: This command-line tool helps perform network administrative tasks. Now: Echoes the current date and time plus any arguments passed to it. NSS2DOC: This utility helps the Remote Storage product in Windows 2000 Server migrate documents stored in the native structured storage (NSS) format to tertiary storage (tape). Ntdetect.com (Installd.cmd) - Installs a debug version of Startup Hardware Detector used for troubleshooting hardware detection issues. NTDSUTIL: Directory Services Management Tool - NtdsUtil performs database maintenance of the Active Directory store, management and control of the Floating Single Master Operations (FSMO), and cleaning up of metadata left behind by abandoned domain controllers, those which are removed from the network without being uninstalled. NTRights: With this command-line tool, you can grant or revoke any Windows 2000 right to or from a user or group of users. NTUUCODE: 32-Bit UUDecode and UUEncode Utility - You can use this 32-bit GUI program to encode or decode files according to the UUEncoding standard. Oh: Open Handles - Shows the handles of open windows, processes, or objects. Oleview: OLE/COM Object Viewer - Browses, configures, and tests Microsoft Component Object Model classes installed on a computer. PassProp: This command-line tool can be used to set two domain policy flags: whether passwords have to be complex and whether the administrator account can be locked out. Pathman: Path Manager - Adds or removes components of the system or user path. PerfMetr: Performance Meter - This command-line tool displays text-based information on the performance of a computer running Windows 2000. PermCopy: This command-line tool copies share-level permissions (ACLs) from one share to another. Perms: File Access Permissions per User - Displays a user's access permissions for a file or directory. Pfmon: Page Fault Monitor - Lists the source and number of page faults generated by an application's function calls. PMON: Process Resource Monitor - PMon is a command-line tool that monitors process resource usage, tracking CPU and memory usage. Pstat: Process and Thread Status - Shows the status of all running processes and threads. PrintMig: Printer Migrator - This printer configuration tool allows you to back up or migrate any print server on which you have administrative rights. PTree: Process Tree - Process Tree allows you to query the process inheritance tree and kill processes on local or remote computers. PPTP Ping - Point-to-Point Tunneling Protocol Ping Tools - Pptpclnt.exe and Pptpsrv.exe are tools that work in unison to verify that the required protocol and port for Point-to-Point Tunneling Protocol (PPTP) is being routed from a PPTP client to a PPTP server or vice-versa. Pulist: Lists processes running on local or remote computers. PViewer: Process Viewer - Process Viewer is a Windows-based tool that displays information about a running process and allows you to stop (kill) processes and change process priority. Qslice: CPU Usage by Processes - Shows the percentage of total CPU usage per process. RASList: This command-line tool displays Remote Access Service (RAS) server



announces from a network. RASMon: You can use this tool to monitor your Remote Access Service. RASUsers: Enumerating Remote Access Users - RasUsers lets you list for a domain or a server all user accounts that have been granted permission to dial in to the network via Remote Access Service (RAS). Rdpclip: File Copy Hotfix - Copies files between Terminal Services server and client. REG: This tool enables you to add, change, delete, search, backup, restore, and perform other operations on registry entries from the command prompt or a batch file. It can be used on both local and remote computers. Note: This version of REG is in fact version 1.10 from the NT4 Resource Kit. It works with Windows 2000 but is not the version 2 that comes with the 2000 Reskit and is very much updated and with differing syntax to version 1.10, nor is it the version 3 that comes bundled with Windows XP (Thanks Pete!) REGBack: Registry Backup - Registry Backup (RegBack) is a tool for backing up the Windows Registry to files without use of a tape drive. RegBack allows you to back up Registry hives while the system is running and has the hive files open. REGFind: RegFind is a command-line tool with which you can search the Windows 2000 registry for arbitrary data, key names, or value names and optionally replace any of these with new values. REGINI: Registry Change by Script - This tool uses character-based batch files to add keys to the Windows 2000 registry by specifying a registry script. REGRest: Registry Restoration - Registry Restoration (RegRest) restores Registry hive files from backups created by RegBack. Relog: Extracts performance counters from logs created by the Performance Logs and Alerts service. ReMapKey: Remap Windows Keyboard Layout - This tool changes keyboard layout by remapping the scancode of keys. Remote Command Service: (Rcmd.exe & Rcmdsvc.exe) - The Remote Command Service (Rcmd.exe) provides a secure, robust way to remotely administer and run command-line programs. (RCMDSRV also included.) Remote Administration Scripts: The Remote Administration Scripts are a collection of Visual Basic scripting tools designed to perform specific administrative tasks using Microsoft Active Directory Services Interfaces (ADSI) and Windows Management Instrumentation (WMI) for Windows 2000. Rscripts.chm is an HTML Help file that documents the Remote Administration Scripts. RKill: Remote Kill - This service (RKILLSRV.EXE) with both GUI (WRKILL.EXE) and command-line (RKILL.EXE) clients allows a user to enumerate and kill processes on a remote computer. To kill a process remotely with this tool, you must be member of the Administrators group. RMTShare: Remote Share - Remote Share is a command-line tool that allows you to set up or delete shares remotely. RPCCfg: RPC Configuration Tool - Configures Microsoft Remote Procedure Call (RPC) to listen on specified ports. Rpcdump: RPC Dump - Dumps all endpoints in the endpointmapper database, pings each endpoint, gathers other stats, sorts and displays the data. RPC Ping: RPC Connectivity Verification Tool - Verifies that Windows 2000 Server services are responding to remote procedure call requests from network clients. RSDiag: Remote Storage Diagnostic Utility - This command-line tool examines Remote Storage (HSM) databases and displays diagnostic information about jobs, managed NTFS 5 volumes, removable media, and other Remote Storage



information useful for system analysis. RSDir: Remote Storage File Information Utility - This command-line tool examines Remote Storage reparse points, displaying Remote Storage information for files in the current directory and its subdirectories. ScanReg: This Win32 command-line "registry GREP" enables you to search for any string in keynames, valuenames, and/or valuedata in local or remote registry keys in Windows 2000 Windows NT, and Windows 95/98. SC: Service Controller Query Tool - This tool provides a way to communicate with Service Controller (Services.exe) from the command prompt to retrieve information about services. ScList: This command-line tool can show currently running services, stopped services, or all services on a local or remote computer. SecAdd: This command-line tool enables you to add user permissions to a registry key or removed "Everyone" group. Setspn: Manage Service Principal Names for an Active Directory directory service account. SetupMgr: Setup Manager - This wizard is a deployment tool that assists system administrators in automating the installation or upgrading of Windows 2000 on multiple computers, eliminating the need to monitor these operations. Setx: Sets environmental variables in the the user or computer environment. ShowACLs: This command-line tool enumerates access rights for files, folders, and trees. It allows masking to enumerate only specific ACLs. ShowDisk: This command-line tool reads and displays the registry subkey HKEY_LOCAL_MACHINE\SYSTEM\DISK. ShowGroups: This command-line tool shows the groups to which a given user belongs, optionally within a given network domain. ShowMembers: This command-line tool shows the usernames of members of a given group, optionally within a given network domain. Showperf: Performance Data Block Dump Utility - Dumps the contents of the Performance Data block so you can view and debug the raw data structure. ShutDown: Remote Shutdown - Remote Shutdown is a command-line tool that allows you to remotely shut down or reboot a computer running Windows 2000. ShutGUI: Remote Shutdown GUI - Shutgui.exe allows you to remotely shut down or reboot a computer running Windows 2000. It can be run either with command-line parameters or without. SIDwalker: This set of programs helps system administrators manage access-control policies on Windows 2000 and Windows NT systems. Access control is implemented by access-control lists (ACLs). SNMP Monitor - SNMP Monitor is a tool that can monitor any SNMP MIB variables across any number of SNMP nodes. SNMPutil & SNMPutilG - SNMP Browser is a tool that lets you get SNMP information from an SNMP host on your network. SnmpUtilG is a graphical tool that complements the older command prompt SNMP browser tool (Snmputil.exe). Soon: Near-Future Command Scheduler - Schedules commands to run within the next 24 hours. Applications as Services Utility: With Srvany, you can configure any Windows application so that it runs as a service. SrvCheck: This command-line tool lists the non-hidden shares on an computer running Windows 2000 and enumerates the users on the ACLs for that share. SrvInfo: This command-line tool displays information, such as available disk space and partition types, about a remote server.



SU: SU lets you start a process running as an arbitrary user. It is named after the SU (Switch Users) utility of the UNIX family of operating systems. SubInAcl: With this command-line tool, administrators can obtain security information on files, registry keys, and services, and transfer this information from user to user, from local or global group to group, and from domain to domain. SvcMon: Service Monitoring Tool - This tool monitors services on local and remote computers for changes in state (starting or stopping). Sysprep: Use this tool to prepare your system before changing SID using SIDwalker. TakeOwn: TakeOwn is a command-line tool that cleans up multiple boot drives without formatting the drive. Using this tool, you can delete an installation of Window 2000 from a local computer. TextViewer: TextViewer provides a graphical interface for quickly viewing text files on local or shared drives. Timethis: Times how long it takes to execute a given command. Tracedmp: Processes a trace log file or real time trace buffers and converts them to a .csv file. Traceenable: Enables tracing and displays current tracing options. Tracelog: Starts, stops or enables trace logging. Terminal Server Capacity Planning Tools Hotfix - Suite of tools that assist organizations with Windows 2000 Terminal Services capacity planning. TimeOut: Timeout is a command-line tool that causes the command processor to pause execution for the number of seconds specified by the time (#) parameter, after which it continues without requiring a user keystroke. TimeThis: TimeThis times how long it takes the system to execute a given command. Timezone: Daylight Savings Time Update Utility - This command-line tool updates the daylight savings information for a time zone in the registry. TrustDom: Trust Domain Setup - This command-line tool can help manage trust relationships. Using TrustDom, administrators can view, create, and delete trust relationships between Windows 2000 and Windows NT domains. TypePerf: Performnce Data in the Command Window - This command-line tool displays real-time data from Performance Monitor counters in a command window. TZedit: Time Zone Editor - You can use Time Zone Editor to create and edit time zone entries for the Date/Time option in Control Panel. UserDump: User Mode Process Dumper - UserDump.exe is a command-line tool that creates a dump file for user mode debugging. UserDump does not use Dr. Watson and does not invade the target process as a debugger. User Input for Batch Files: Choice prompts the user to make a choice in a batch program by displaying a prompt and pausing for the user to choose from among a set of keys. User State Migration Tool - Helps migrate a user's documents and settings (state) before an operating system migration to Windows 2000. UsrStat: This command-line tool displays the username, full name, and last logon date and time for each user in a given domain. Vadump: Virtual Address Dump - Shows the state and size of each segment of virtual address space. Vfi: Visual File Information - Visual File Information retrieves and generates file information. W3who.dll: Browser Client Context Tool - ISAPI application DLL that displays the



browser client context. Lists security identifiers, privileges, env variables. WaitFor: This command-line tool waits until a signal is given across the network. Multiple machines can wait for the same signal. Whoami: Returns the domain or computer name and the user name of the user currently logged onto the computer on which the tool runs. WinDiff: File and Directory Comparison - WinDiff shows the differences between specified ASCII text files or folders of ASCII text files. WinAt: Command Scheduler - Command Scheduler can be used to schedule commands on a local or remote computer to occur once or regularly in the future. Winexit: Windows Exit Screen Saver - WinExit is a screen saver that logs the current user off after the specified time has elapsed. Windows ATM ARP Server Information Tool - AtmArp is a command-line tool designed to assist network administrators and support personnel in troubleshooting the status of the Asynchronous Transfer Mode (ATM) ARP/MARS Service that ships with Windows 2000. Windows ATM LAN Emulation Client Information - AtmLanE is a command-line tool designed to assist administrators in troubleshooting the status of the Asynchronous Transfer Mode (ATM) LAN Emulation (LANE) client that ships with Windows 2000. WinMsDp: WinMsdp is a command-line version of the Windows 2000 Diagnostics tool (Winmsd.exe). It provides information about your system configuration and status. WinSCHK: This command-line tool checks name and version-number inconsistencies that may appear in Windows Internet Name Service (WINS) databases, monitors replication activity, and verifies the replication topology in an enterprise network. It is particularly useful for WINS administrators. WINS Administrator Tools: WinsCl can monitor WINS activities and examine WINS databases. It can also send commands to WINS to initiate an activity such as replication, scavenging, registering/querying a record, or doing backup/restore operations. Winsta: WinStation Monitor - Monitors the status of all users logged on to a Windows 2000 Terminal Server. Wntipcfg: Windows NT IPConfig Utility - Gives you information about your IP configuration. Xcacls: Sets all file-system security options accessible in Windows Explorer.


• Download GPMC • Download IIS 6.0 Resource Kit • Download IIS 6.0 Reskit Tools • Download Office 2000 Reskit Tools • Download Office System 2003 Reskit Tools • Download Office XP Reskit Tools • Download RDP 5.2



• Download Windows 2000 Adminpak • Download Windows 2000 SP4 Deploy Tools • Download Windows 2000 SP4 Support Tools • Download Windows 2003 Adminpak • Download Windows 2003 Reskit Tools • Download Windows 2003 SP1 Support Tools

• Download Windows 2003 Deployment Kit • Download Windows XP Reskit Tools • Download Windows XP SP1 Deploy Tools

Links Windows Deployment and Resource Kits Free Windows 2000 Resource Kit software tools Microsoft Resource Kit tools at Dynawell Download Windows 2000 SP3 Support Tools (10.24mb) List of available support tools - You can download any one of them as an individual download if you want. A Microsoft FTP Site with many of the older Reskit tools - ftp://ftp.microsoft.com/reskit up back



ftp://ftp.microsoft.com/reskit

Forgot the Administrator password

Documents

Transcript of Forgot the Administrator password