Tip 15: Lost Administrator Password - Restore Accessibility

Have you ever lost or forgotten the Administrator password?
(Perhaps after a heavy night on the town?)
One way of "getting back into the system" is described below in 15 relatively easy steps. Some may consider this method a little tedious, but it uses no third-party tools and does not damage the installation, which I find a big plus.

If you would rather regain control of the Administrator account with a third-party product, there is a commercial ($$$) tool called LockSmith.

If you prefer a freeware (Linux-based!) solution, have a look at the Offline NT Password and Registry Editor.

  1. Shut down the "faulty" Windows installation and install a new Windows version (NT/W2k) on the same machine, but in a DIFFERENT temporary directory from the production one, e.g. WINNT.TMP. Install just a basic Windows NT or Windows 2000 system; you only need it to get the following work done.

  2. Log on to the newly installed Windows (choose the correct boot menu option).

  3. Copy the Windows Resource Kit tool SrvAny.exe to the c:\temp directory (adjust drive letters as appropriate). This tool allows you to run any program as a service. Just what the doctor ordered!

  4. Start RegEdt32, go to HKEY_LOCAL_MACHINE\SYSTEM\SELECT and look up the value displayed on the right-hand side for Default.
    This should be something like REG_DWORD : 0x1 or 0x2. Chances are it is identical to what is listed for Current. This number corresponds to the ControlSetXXX (ControlSet001 for 0x1, ControlSet002 for 0x2) you will edit in a minute.

  5. Go back and now select HKEY_LOCAL_MACHINE

  6. From the menu choose Registry -> Load Hive and select c:\winnt\system32\config\system. (This must point to your old, inaccessible Windows installation, assuming it is on c:.)

  7. Give the loaded hive the name OLDNT (or anything to your liking).

  8. Go to the following keys (below) and make note of their current values:

    Hive: HKEY_LOCAL_MACHINE
    Key: OLDNT\ControlSetXXX\Services\Spooler
    Name: ImagePath
    Type: REG_SZ (String value)
    Value: <note this value to put it back later>
    The default for this value is %SystemRoot%\System32\Spoolss.exe for NT 4.0 or %SystemRoot%\System32\Spoolsv.exe for W2k.

  9. Replace this value with: c:\temp\srvany.exe.

  10. Go to the following key and add the following value names:

    Hive: HKEY_LOCAL_MACHINE
    Key: OLDNT\ControlSetXXX\Services\Spooler\Parameters
    Name: Application
    Type: REG_SZ (String value)
    Value: c:\winnt\system32\net.exe

    Hive: HKEY_LOCAL_MACHINE
    Key: OLDNT\ControlSetXXX\Services\Spooler\Parameters
    Name: AppParameters
    Type: REG_SZ (String value)
    Value: user Administrator dunno
    This sets the Administrator password to dunno, or whatever you prefer to enter instead.

  11. Select OLDNT and choose Registry -> Unload Hive to write the changes to disk.

  12. Shut down this copy of Windows.

  13. Reboot the original installation and wait until there is no more disk activity, indicating that all services have started.
    Now log on as Administrator with the password dunno and you are back in charge!

  14. Start RegEdt32 and set the original values back in the registry keys you changed before.

    Hive: HKEY_LOCAL_MACHINE
    Key: OLDNT\ControlSetXXX\Services\Spooler
    Name: ImagePath
    Type: REG_SZ (String value)
    Value: c:\temp\srvany.exe
    Change it back to what it was before: %SystemRoot%\System32\Spoolss.exe (or %SystemRoot%\System32\Spoolsv.exe).

    Also remove the value names you added earlier in:

    Hive: HKEY_LOCAL_MACHINE
    Key: OLDNT\ControlSetXXX\Services\Spooler\Parameters
    Name: Application
    Type: REG_SZ (String value)
    Value: c:\winnt\system32\net.exe

    Hive: HKEY_LOCAL_MACHINE
    Key: OLDNT\ControlSetXXX\Services\Spooler\Parameters
    Name: AppParameters
    Type: REG_SZ (String value)
    Value: user Administrator dunno

  15. Close RegEdt32 and remove the new boot entries from boot.ini. Also delete the directories of the second install (WINNT.TMP) and you are done.
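The same registry changes are exactly what an administrator should look for when auditing a machine, since any service (not only Spooler) can be redirected to SrvAny this way. The following PowerShell script is an added example, not part of the original tip: it walks every service under a control set and flags the two indicators from the steps above, an ImagePath pointing at srvany.exe and a Parameters\Application value (with AppParameters that start a "net user" command). The srvany.exe name and the Application/AppParameters value names are taken from the tip; the $Root parameter defaults to the live system, and a hive loaded with "reg load" (e.g. HKLM\OLDNT) can be passed instead.

```powershell
# Audit services for a SrvAny-style hijack: ImagePath replaced by srvany.exe
# and/or Parameters\Application present. Defender-side check, added here as
# an example; $Root may also be a loaded offline hive such as 'HKLM:\OLDNT\ControlSet001'.
param([string]$Root = 'HKLM:\SYSTEM\CurrentControlSet')

$servicesKey = Join-Path $Root 'Services'
$findings = @()

foreach ($svc in Get-ChildItem -Path $servicesKey -ErrorAction SilentlyContinue) {
    $props = Get-ItemProperty -Path $svc.PSPath -ErrorAction SilentlyContinue
    $imagePath = [string]$props.ImagePath
    if (-not $imagePath) { continue }          # no ImagePath: nothing to launch, skip

    # Indicator 1: the service binary itself has been swapped for srvany.exe
    $viaSrvAny = $imagePath -match '(?i)srvany\.exe'

    # Indicator 2: SrvAny's Parameters\Application value exists under the service
    $app = ''; $appArgs = ''
    $paramsKey = "$($svc.PSPath)\Parameters"
    if (Test-Path -Path $paramsKey) {
        $p = Get-ItemProperty -Path $paramsKey -ErrorAction SilentlyContinue
        $app = [string]$p.Application
        $appArgs = [string]$p.AppParameters
    }

    if ($viaSrvAny -or $app) {
        $findings += [pscustomobject]@{
            Service       = $svc.PSChildName
            ImagePath     = $imagePath
            Application   = $app
            AppParameters = $appArgs
            # net.exe with "user ..." arguments is the account-reset signature from the tip
            ResetsAccount = ($app -match '(?i)(^|\\)net\.exe$' -and $appArgs -match '(?i)^\s*user\s')
        }
    }
}

if ($findings) { $findings | Format-Table -AutoSize } else { 'No SrvAny-style service hijack found.' }
```

Run it after a suspected unauthorized reset and again after step 14 to confirm the Spooler entries are back to their defaults.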