How to Reset Directory Service Restore Mode Password in Windows Server

Windows Server Password
2024.08.13
Approved

2 Options to Reset Directory Service Restore Mode Password in Windows Server 2012 (R)/2008 (R)/2003 (R)

What is DSRM?

Directory Service Restore Mode (DSRM) is a boot mode on a Domain Controller for repairing and restoring Active Directory data. You have to use DSRM to login locally on a Domain Controller if there is a need to repair or restore Active Directory database.

The DSRM password is set during the process of promoting member server to a Domain Controller. Your Domain Controller's Directory Services Restore Mode password is among the most powerful logins on any Windows network. If your DSRM password is cracked by others, they can copy and change the Active Directory database, and reboot the server.

If you forgot the password, you'd better reset Directory Services Restore Mode password as soon as possible.

 

How to Reset DSRM Password?

Here I will share two options to reset forgotten DSRM password on your Windows Server 2012 (R)/2008 (R)/2003 (R).

1. Reset DSRM Password with Ntdsutil

Ntdsutil utility is a free nice solution to a forgotten local DSRM administrator password. However, it just works for Windows Server 2003 and later. Just follow the detailed instructions as below:

  • Step 1: Run the ntdsutil command from an elevated command prompt.
  • Step 2: To open an elevated command prompt, click Start, right click Command Prompt, and then type ntdsutil.
  • Step 3: At the ntdsutil command prompt , type set dsrm password.
  • Step 4: At the DSRM command prompt, type the different command lines as to your situation:

    To reset DRSM password on the server on which you are working, type reset password on server null, null represents the local server where you are. Type the new password when you are prompted. Note that no characters appear while you type the password.

    To reset the password for another server, type reset password on server servername. Servername is the DNS name for the server on which you are resetting the DSRM password. Type the new password when you are prompted. Note that no characters appear while you type the password.
  • Step 5: Type the new password when prompted (note no characters will appear)
  • Step 6: At the DSRM command prompt, type q and then press enter

    reset dsrm password
  • Step 7: At ntdsutil command prompt, type q and then press enter to exit
 

2. Use Windows Password Key Program

Windows Password key standard can be free downloaded to crack DSRM password (including administrator password) with just a few clicks. No special skills needed. Remember to choose the Enterprise version.

  • Step 1: Prepare another workable Windows computer. Install and run Windows Password Key on it.
  • Step 2: Burn the ISO image file of this program to a blank USB. Insert the USB and then click "Burn". "Quick Recovery" and "Advanced Recovery" are offered. Choose one.
  • Step 3: Pull out the USB and insert it into your Domain Controller. Then your Windows Server will reboot.
  • Step 4. Choose the account whose password you want to reset.

    reset dsrm password

Now, you have removed your forgotten Directory Service Restore Mode password successfully.

Either option you choose, you can achieve your goal. Additionally, Windows Password Key can also used for Windows 10/8/7/Vista/XP local password cracker.

 
Related Articles
Windows Server 2008 Password Complexity Requirements
How to reset Windows Server admin password
How to reset Windows Server 2008 DC password?
 

 

comments powered by Disqus

;