Crack local password

Recently had an issue where the local Administrator password was lost for a Windows 2008 R2 server.

This is how I changed the password of the Administrator’s account using the Windows 2008 R2 installation DVD / ISO image.

Boot from the Microsoft Windows Server 2008 R2 DVD / ISO image (I used ISO server didn’t even have DVD Drive)

From the Install Windows menu, click “Next”.

Select “Repair your computer”

In the System Recovery Options, selected the OS instance and clicked “Next”.

Selected “Command Prompt”.

At the command prompt, I ran the following commands:

c:
cd windows\system32
ren Utilman.exe Utilman.exe.old
copy cmd.exe Utilman.exe

Rebooted the server allowed Windows to load as normal

At the logon screen, pressed Windows Key + U.
At the command prompt, entered the following command:

net user administrator NewP$sswOrd (Whatever PW you want it to be)

This set the password for the Administrator user to NewP$sswOrd.

Closed the command prompt, and was able to log back onto the server using the password from the last step.

Got in using this old trick but for good measure I put everything back….

Repeated the steps above about booting using the Windows Server 2008 R2 DVD/ISO and run the command prompt again.

Delete the newly created Utilman.exe from C:\Windows\System32
Rename Utilman.exe.old back to Utilman.exe

That’s all there was, other than the documentation of the PW this time!! (It’s not NewP$sswOrd anymore)

Backup Audit Plan

What is your current backup process?

  • Who is in charge of the current backups?
  • Who has access to the backups?
  • What is your current backup schedule – nightly, weekly, incremental daily?
  • Who gets notified of successes and failures? Is it monitored?

Testing / Validation of the backed up files.

  • You are backing up your data, but have you ever restored a file and confirmed it?

Recovery Thresholds

  • What is the acceptable amount of data loss? For example, if you are doing nightly backups, and you have a hardware failure at 3PM, any work that was saved to those files during the day would be lost. Is that acceptable?
  • In the event of hardware failure or data loss, how long can your mission critical system be down?

What files are you are backing up?

Are you backing what think you are?

  • Accounting Software
  • Email
  • Shared Drive / Files Shares
  • User Directories
  • Legal Documents
  • Any databases with business critical data.
  • Applications and settings
  • License keys

Have you confirmed that the folder(s) with the data you care about the most are getting backed up?

When was the last time you checked to confirm that you are backing up what you think you are backing up?

Verify your retention periods.

How long do you need to save your files for?

For example, if you are backing up weekly, and you accidentally delete a file, 1 month later you realize you shouldn’t have deleted that file. If you are just backing up weekly and not keeping copies of backup tapes or using some method to store backup files, that file is gone – and without some serious effort will never be recovered.

 
 

Typical Best Practices for Rotation of Backup Media (tapes, USB drives, etc.)

Daily

  • (Monday – Thursday) (4 Backup Media ) – stored off-site

Weekly

  • Dedicated Friday backups that get pulled out of the rotation and stored off-site (4 backup media per month)

Monthly (Archive)

  • Pull 1 backup media of the weekly rotation once per month. (12 per year stored off-site)

DHCP Not handing out addresses after importing all settings?

Here is the scenario I ran into… Following the import of all DHCP data from a “soon to be retired” DHCP/DC (2003) to a new DHCP/DC (2008 R2) and the subsequent demotion of the old DHCP/DC, new DHCP leases were not being handed out to clients. The DHCP Server Service was restarted and the following error came into the System Event log.

 

image

Looks like following the Import the Bindings are not properly configured, which if you think about it makes sense as the adapter and/or the address would be different.

Here’s how to Configure the DHCP Server bindings.

http://technet.microsoft.com/en-us/library/cc774857(WS.10).aspx

GPO to map drive. Better than scripts in many ways.

The best way to map a drive is to use Group Policy Preferences, introduced in Windows Server 2008. Group Policy Preferences removes many of the reasons we had to use scripts in the past.

1. Open an existing Group Policy Object (GPO) (or create a new one linked to the domain or OU you want to map to).

2. Navigate to User Configuration, Preferences, Windows Settings, Drive Maps.

3. Right-click Drive Maps and select New, Mapped Drive.

4. To add a new mapped drive for users, select Create (or select Replace to replace an existing map drive that might already exist with the same letter).

5. Close Group Policy.

6. Enter the details for the share, a name, and letter, then click OK (see the screen shot below).

drivemapgpo_0

At next Group Policy refresh, during logon, the drive will be mapped.

Event ID 8026 is Logged in Event Viewer on Small Business Server 2003

Ignore these according to Microsoft.

http://support.microsoft.com/kb/828051/en-us

Hyper-V VM Configuration

http://blogs.msdn.com/b/robertvi/archive/2008/12/19/howto-manually-add-a-vm-configuration-to-hyper-v.aspx

 

Moving VHDs around in a lab. This save recreation.

Original Error

image

Unattended Windows Setup–A must have if you deploy more than a few machines

http://technet.microsoft.com/en-us/library/ff699026(WS.10).aspx

Configuration Passes

http://technet.microsoft.com/en-us/library/cc749307(WS.10).aspx

Rhonda Layfield – Good place to start, Author/Expert.

http://www.windowsitpro.com/Author/5739141/

Windows 7 Automatic Restart–Windows Update

The functionality of Windows Update automatic restarts has changed from the way it functioned in Windows XP. We all remember the postpone function that could be done indefinitely. Now in Windows 7 without the user interacting with the dialog, it will reboot the PC even if it’s locked or simply idle. I personally don’t see an issue, maybe an annoyance as you’d have to rearrange your windows again, but the state of requiring a reboot is not one to just “hang out” in. In short, don’t get up from your desk without saving that paper or spreadsheet you’ve been working on all day.

Here’s a way to Enable or Disable Windows Updates from Automatically Restarting the Computer.

Cannot change permissions in Component Services (2008 R2)

Own of the dig deep kind of things, where some persistence can solve those pesky DCOM errors, incidentally a lower level tech I once knew called “Not important”, hardly the case as DCOM stand for Distributed Component Object Model, and that’s what servers do.

http://blogs.msdn.com/b/emeadaxsupport/archive/2010/01/26/unable-to-edit-the-dcom-settings-for-iis-wamreg-admin-service-on-a-windows-server-2008-r2-when-trying-to-configure-kerberos-authentication-for-role-centers.aspx

 

http://www.wictorwilen.se/Post/Fix-the-SharePoint-DCOM-10016-error-on-Windows-Server-2008-R2.aspx

Dual boot your Windows 7 PC, add 2008 R2 and Hyper V

Special Thanks to Keith Combs, this is a fine post, that I’ve not personally tried but was able to implement for a presenter in my company. Not sure if there are hardware specifics.

http://blogs.technet.com/b/keithcombs/archive/2009/10/15/using-hyper-v-without-re-installing-your-world.aspx