Use the Offline NT Password & Registry Editor disk disk to reset the MACHINE Administrator password to “no password”.
Reboot, hit F8, and enter “Directory Service Recovery Mode”. The machine will boot up as a standalone server without any Active Directory support.
When the login screen appears, hit CTRL-ALT-DEL and log in as “Administrator” with no password. This is the MACHINE Administrator account, and does not have the ability to modify anything specific involving the Active Directory information, although it can backup and restore the physical files which contain the AD databases.
Run “REGEDIT.EXE” (without the quotes). Navigate to
Change the following values:
SCRNSAVE.EXE – change from logon.scr to cmd.exe
ScreenSaveTimeout – change from 900 to 15
ScreenSaveActive – change to 1 (if it wasn’t 1 already)
Reboot normally. When the box appears asking you to hit CTRL-ALT-DEL to log in, just wait.
After 15-30 seconds you will see a command prompt appear (since that is the screensaver).
In the command prompt, type the following command:
This should bring up the management console where you can edit users’ passwords, including the password for the Administrator account.
After resetting the Administrator password, exit the management console and type the command EXIT in the command prompt window.
Hit CTRL-ALT-DEL and log into the DOMAIN Administrator account using the new password!
Make sure you undo your changes to the registry.