WinFix: Reset Password – Local Windows Administrator using SystemRescueCD

As corporate administrators, we often overlook the local administrator account because we use a domain admin account to access the system. So, when the local Windows administrator password is forgotten, SystemRescueCD can be used to reset it.

This tutorial shows how to use SystemRescueCD to reset the local Windows administrator password.


Pre-Requisites:

S1-1. Download SystemRescueCD ISO

 

Password Recovery Steps:

S2-1. Boot the system using SystemRescueCD

S2-2. Once the SystemRescueCD boot menu appears, press the Enter key to select the default menu entry

SYSRESCUECD_01

S2-3. SystemRescueCD will ask for the keyboard layout; press Enter to accept the default keyboard

SYSRESCUECD_02

S2-4. Once the boot is completed, the system will log on with root privileges

SYSRESCUECD_03

S2-5. Execute fdisk -l to list all hard disks

SYSRESCUECD_04

/dev/sda1 (HDD 1: 375 MB) : Windows Bootloader (MSR partition)
/dev/sdb1 (HDD 2:10.7 GB) : Windows System Drive

S2-6. Before mounting the Windows System Drive, check whether the mount folder /mnt/windows exists by executing the following command:

#ls /mnt

SYSRESCUECD_05

If the folder does not exist, execute the following command to create the mount folder:
#mkdir /mnt/windows

S2-7. Mount the Windows System Drive using ntfs-3g

#ntfs-3g /dev/sdb1 /mnt/windows

SYSRESCUECD_06

If you encounter an error after executing the above command, as shown below:

SYSRESCUECD_20

This error is due to a new feature in Windows 8/2012 called “fast startup” (refer to the NTFS-3G Wiki for details).

The solution is to reboot the system and then shut it down.
However, if Windows always boots into recovery mode, try using a Windows 8/2012 DVD and shut down the system.

S2-8. Change directory to the SAM database location

#cd /mnt/windows/Windows/System32/config

S2-9. List all Windows Users

#chntpw -l SAM

SYSRESCUECD_08

S2-10. Reset password

#chntpw -u <WINDOWS_ID> SAM

Note: <WINDOWS_ID> is case sensitive and must match the name shown in step S2-9

SYSRESCUECD_10
SYSRESCUECD_09

Select Option 1 to reset to a blank password, then enter “y” to write the hive files

SYSRESCUECD_11

Select Option 2 to change the user password to a new password, then enter “y” to write the hive files.
If the password is BLANK, Option 2 cannot be used to change the password.

SYSRESCUECD_12

S2-11. To exit SystemRescueCD, execute one of the following commands:

  • To restart system
    #reboot
  • To turn off system
    #poweroff
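
Steps S2-6 to S2-9 can be wrapped in a small script that also takes a copy of the SAM hive before chntpw writes to it. This is an added example, not part of the original tutorial; the function names find_sam and backup_sam and the backup file naming are assumptions. It matches the Windows/System32/config path case-insensitively, because ntfs-3g exposes the folder names with whatever casing the volume uses.

```shell
#!/bin/sh
# Added example: locate and back up the SAM hive before editing it with chntpw.
# find_sam and backup_sam are hypothetical helper names, not SystemRescueCD tools.

# find_sam MOUNT_ROOT
# Prints the full path of the SAM hive under MOUNT_ROOT, matching
# Windows/System32/config/SAM regardless of letter case. Returns 1 if not found.
find_sam() {
    root=${1%/}
    rel=$(cd "$root" 2>/dev/null &&
          find . -maxdepth 4 -type f -ipath './windows/system32/config/sam' |
          head -n 1) || return 1
    [ -n "$rel" ] || return 1
    printf '%s\n' "$root/${rel#./}"
}

# backup_sam SAM_PATH
# Copies the hive next to the original with a timestamp suffix and prints
# the backup path, so the original can be restored if the edit goes wrong.
backup_sam() {
    sam=$1
    backup="$sam.bak.$(date +%Y%m%d%H%M%S)"
    cp -p "$sam" "$backup" || return 1
    printf '%s\n' "$backup"
}

# Main flow, run as root from SystemRescueCD with the Windows partition
# as the only argument, e.g. /dev/sdb1 as identified in S2-5.
if [ "$#" -eq 1 ]; then
    mkdir -p /mnt/windows                                   # S2-6
    ntfs-3g "$1" /mnt/windows || {                          # S2-7
        echo "Mount failed: see the fast startup note in S2-7" >&2
        exit 1
    }
    sam=$(find_sam /mnt/windows) || {                       # S2-8
        echo "SAM hive not found under /mnt/windows" >&2
        exit 1
    }
    backup=$(backup_sam "$sam") || exit 1
    echo "SAM backed up to $backup"
    chntpw -l "$sam"                                        # S2-9
fi
```

If Windows fails to accept logons after the reset, boot SystemRescueCD again and copy the backup file back over SAM.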
Updated: 27/04/2016 — 12:19 PM
