Use Linux to reset Windows server administrator password

Jephe Wu

It's possible you might forget your Windows server administrator password or it's locked after you tried too many times. But don't worry, there's a nice tool 'chntpw' which can help you to reset and unlock it. The following example was tested on Windows 2003 server.

1. download the Linux rescue CD - RIP(Recovery Is Possible)
note: to reduce download time. Non-X version is enough.
2. reboot your Windows server with this CD, you might want to choose option 2 to skip keyboard map
3. login as root without password
4. run the following commands to mount Windows 2003 server partition as read-write
cd /mnt

mount -t ntfs-3g /dev/sda1 win -o force
(assuming your Windows partition is /dev/sda1, you can use fdisk command to find out)
note: to make sure you mounted Windows partition as read/write, you can try to run command
touch /mnt/win/testfile to confirm it won't give you any error.

cd win/WIN2K03/system32/config

chntpw SAM

then follow the screen instruction
first, answer y to reset/unlock the counters
then enter * to blank password
finally, enter y all the way to finish

5. finishing up
cd /mnt
umount win

1. you can use chntpw SAM -l to list all Windows users
2. use chntpw SAM -u user1 to unlock/reset user1 password
3.  (NTFS 3G website)