DSRM Mode password reset in windows server 2008

The article explains the steps to be done to reset the Directory service restore mode password for AD servers in a domain. This is done using ntdsutil tool.

-On the command prompt, type ntdsutil
- On the ntdsutil> prompt, type "set dsrm password"
-You will get the following prompt - Reset DSRM Administrator Password:
-Type the command to reset the dsrm password on the server of your choice at this point
  •  If you want to set password on the server that you are logged in currently, type "reset password on server null"
  • If you want to reset password on another Ad server in the same domain type "reset password on server <DNS name of the target AD server> "
-Next you will be getting prompts for typing and confirming the new password
-Enter and confirm the new passwords
-Once done, type 'q' to quit the DSRM as well as the ntdsutil command prompt

PS: Good news is that , as you can see, you need not know the old DSRM password. So this will work in cases where you forget the DSRM password that you set initially

Note: You cannot change the DSRM password on a server that is currently in DSRM mode, neither locally nor remotely from another AD in the sam domain






 

Comments

Popular Posts