HowTo: Reset the Domain Admin password on Windows Server 2008 / R2

How to reset the Domain Admin password for Windows Server 2008 / R2 with only a Windows 2008 Server installation media if youre the type to lose passwords.

1.    Boot into install disc
(Windows Server 2008)
2.    Select language options and click next
3.    Click Repair (bottom left) > Next
4.    Click Command Prompt
5.    (cd to C:\Windows\System32)
6.    >move Utilman.exe Utilman.exe.bak
7.    >copy cmd.exe Utilman.exe
8.    Restart and boot into server 2k8
9.    Keyboard Shortcut : Windows + U
10.    Command prompt opens
11.    >net user administrator (password)
12.    Or just type ‘net user’ to see syntax help and figure out what you want to do

Obviously rename the files back once you are finished to avoid any issues down the track.

How to change the password in Symantec AntiVirus Corporate Edition 10.x

Document ID: 2005041217010148

About the server group password
The “Remember this user name and password for me” check box saves a password so that you do not have to enter it the next time the server group is opened. Also, if you “Automatically unlock this Server Group when I start the Symantec System Center,” the password is saved in a secured cache.

To no longer save the server group password

  1. In the Symantec System Center console, in the left pane, right-click a locked server group, and then click Unlock Server Group.
  2. Uncheck Remember this user name and password for me.
  3. Uncheck Automatically unlock this Server Group when I start the Symantec System Center.
  4. Click OK.
  5. Exit the Symantec System Center console.
  6. When you are prompted to save, click No.

The server group is now configured to prompt for a password, and the server group will not be unlocked automatically when you start Symantec System Center.

Reset the Symantec System Center admin user password
You can use the Password Reset Utility to reset any user’s password. You must have Administrator access to the primary server of the server group.

To reset the Symantec System Center admin user password

  1. On the computer running Symantec System Center, start Windows Explorer.
  2. Go to \Program Files\Symantec\Symantec System Center\Tools.
  3. In the right pane, double-click the IFORGOT.exe file.
  4. In the Primary server field, type the name of the server group’s primary server.
  5. In the user field, type admin
  6. In the New Password and Confirm New Password fields, type the new password.
  7. Click Reset Password.
    You may be prompted for a Windows user name and password if you specify a remote server.

For information about creating and managing user accounts in Symantec System Center, see the document Using Symantec System Center roles in Symantec AntiVirus 10.x and Symantec Client Security 3.x.

Use a client uninstallation password
It is possible to configure the client component of Symantec AntiVirus to request a password before allowing a user to uninstall it. By default, this feature is enabled, but often the password is not set by an administrator. When the client can communicate with the server, the password can be reset or disabled.

To require a password before uninstalling

  1. In the Symantec System Center console, right-click a server, a server group, or a client group, and then click All Tasks > Symantec AntiVirus > Client Administrator Only Options.
  2. On the Security tab, check Ask for password to allow uninstall of Symantec AntiVirus Client.
  3. Click Change.
  4. In the Configure Password dialog box, type a new password, and then confirm by typing the password again.
  5. Click OK, and then click OK again.

If the client system needs to be uninstalled but can no longer communicate with the parent server, please contact Symantec Technical Support for assistance.

Use a client network scan password
In a networked environment where most, if not all systems are running some form of antivirus software, it is inefficient to allow the systems to perform real-time or manual scanning of network resources. In such a setting, the network resources are already protected by the local antivirus system. However, it may not be desirable to completely disable this functionality as you may want to remote scan a system at a later date. The best solution is to implement a password known only to the system administrators that prevents casual scanning of network resources, while leaving it available as a useful tool. If the client system can still communicate with the parent server, the password can be reset or disabled.

To require a password before uninstalling

  1. In the Symantec System Center console, right-click a server, a server group, or a client group, and then click All Tasks > Symantec AntiVirus > Client Administrator Only Options.
  2. On the Security tab, check Ask for password to allow scan of Mapped Network Drives.
  3. Click Change.
  4. In the Configure Password dialog box, type a new password, and then confirm by typing the password again.
  5. Click OK, and then click OK again.

Change all ESX root passwords

Another great script from Arnim van Lieshout.

With this script you can change all ESX root passwords at once:

#
# This script changes the root password on all ESX hosts in the esxservers.txt textfile
# 

# Add VI-toolkit #
Add-PSsnapin VMware.VimAutomation.Core
Initialize-VIToolkitEnvironment.ps1# Get old root credential
$oldrootPassword = Read-Host “Enter old root password” -AsSecureString
$oldrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$oldrootPassword

# Get new root credential
$newrootPassword = Read-Host “Enter new root password” -AsSecureString
$newrootCredential = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$newrootPassword
$newrootPassword2 = Read-Host “Retype new root password” -AsSecureString
$newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist “root”,$newrootPassword2

# Compare passwords
If ($newrootCredential.GetNetworkCredential().Password -ceq $newrootCredential2.GetNetworkCredential().Password) {

 # Create new root account object
 $rootaccount = New-Object VMware.Vim.HostPosixAccountSpec
 $rootaccount.id = “root”
 $rootaccount.password = $newrootCredential.GetNetworkCredential().Password
 $rootaccount.shellAccess = “/bin/bash”

 # Get list of Host servers from textfile to change root password on
 Get-Content esxservers.txt | %{
  Connect-VIServer $_ -User root -Password $oldrootCredential.GetNetworkCredential().Password -ErrorAction SilentlyContinue -ErrorVariable ConnectError | Out-Null
  If ($ConnectError -ne $Null) {
   Write-Host “ERROR: Failed to connect to ESX server:” $_
  }
  Else {
   $si = Get-View ServiceInstance
   $acctMgr = Get-View -Id $si.content.accountManager
   $acctMgr.UpdateUser($rootaccount)
   Write-Host “Root password successfully changed on” $_
      Disconnect-VIServer -Confirm:$False | Out-Null
  }
 }
}
Else {
Write-Host “ERROR: New root passwords do not match. Exiting…”
}

Example esxservers.txt:

esx001.yourdomain.local
esx002.yourdomain.local
esx003.yourdomain.local
esx004.yourdomain.local

Download: [wpdm_file id=9]

Reset DS4700 password

Log on to controller A with a serial or telnet connection (close the Storage manager client)

Log on with the following credentials:

User=  shellUsr
Password= wy3oo&w4

Type in the following commands:

loadDebug
isp clearSYMbolPassword
“Unld ffs:Debug”

The password should be set to the default (infinity), a reset of the controllers is not necessary.

Tested on firmware 07.15.07.00