Making a server on one domain the domain controller of a new domain

Ok, so I'm stepping through the Windows Server 2003 Environment
Training Kit for the 70-290 exam. Obviously, one of the first steps is
setting up a Domain Controller. Rather than building a server from
scratch, I figured I would use one of the staging servers that we have
on hand and just skip the base operating system installation steps and
jump right to the install of the Domain Controller piece.

Server:
The server was running Windows Server 2003 Standard R2 and belonged to
another domain.

Problem:
The first part of the install completed successfully, it asked me to
make it it's own DNS server, which I did. Then it asked for a reboot. I
rebooted the machine and was then prompted to login (obviously). I
don't know what to use to login. So now I'm stuck.

The "log in to" box has one option - contoso (the domain the training
kit had me set up). The local machine name is not listed (did that get
blown away in the domain creation process?), literally, nothing but
CONTOSO. So I tried "Administrator" and the password that used to work
(when it belonged to our primary domain). I tried no password. I'm at a
loss.

I know I could rebuild the machine from scratch but it has a few files
I'd like to keep on it. No biggie if I just can't, but it's also kind
of a matter of principle, you know? I'd like to be able to fix the
problem.

It's also probably worth noting that the machine is in the office and
I'm sitting on my recliner at home. I'm using Remote Administrator to
gain console access to the machine. Of course, I'll be back in the
office FAR too soon .

Thanks in advance.

 

Hi Limited,

Good You cannot log on locally to a domain controller, which means
that the dcpromo worked. If this is the first DC in the forest then the
username will be Administrator, and the password would be the one you
supplied during the setup process.

If you do not remember that then there are a couple of utilities out there
that could recover it, but frankly if this is a test machine with nothing on
it it will take less time and money to simply start from scratch.

Good luck!

M

 

If you don't remember the password, you can use this utility to reset/change
it. http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html

You might find it useful to instead download the Ultimate Boot CD which has
this utility and DOZENS more. (All of this is free by the way). Check out
UBCD at http://www.ultimatebootcd.com/.

Good luck,

Jonathan

 

Hi Jonathan,

Actually the reason I did not suggest either of those utilities is because
if I am not mistaken they only work for local user accounts, which a domain
controller does not have. Please correct me if I am wrong!

M

 

Thanks so much for the reply.

Was there really a point where I specified a password? How embarrassing
- I can't remember doing that AT ALL (Does this mean I'm officially
old?!?).

FWIW, I tried using the two passwords I might have used and neither
worked - I can't believe it. Did I really set a password?

I'll believe you. Tomorrow I'll try a password reset utility I have -
just ticked that I'm stumped over something so stupid as not paying
attention during setup - but I really don't remember setting a
password.

Thanks - I'll let you know the final resolution.

-Limited Wisdom
(hey, it's all I got)

 

Ahh yes, sorry -- you are correct. I have never had occassion to use it on
a DC. Relevant info below:


I tried it on Win2k PDC (Active Directory), and it didn't change the
password.
a.. ActiveDirectory (AD) is a completely different database.
b.. There is no support for directly changing passwords in AD.
c.. To clear things up: The Active Directory SERVER itself is not directly
supported, but workstations (w2kprof) and servers (w2k server) that is just
MEMBERS of the domain can have their LOCAL passwords changed by the utility.
d.. But..
e.. John Simpson has made instructions on how to reset that pesky lost
administrator password in AD.
f.. Many thanks goes to John for this!
g.. And I may as well in a future relase make a frontend for the
screensaver trick he uses, so it will be even easier.
Link is: http://www.jms1.net/nt-unlock.html

PS. That link doesn't work in IE due to the author's "religious" beliefs.
Use Firefox instead...

Jonathan

 

Jonathan, you crack me up!

I didn't attempt to use a password reset utility, but I did just
reinstall the OS. Turns out, the files I needed were on a separate
drive - so I figured that would be the easiest solution.

Anyway, I was never prompted for a password during the install, but I
noticed that it said (in the very last dialog box) Domain Administrator
password will be the same as the Administrator password.

Thanks all for the help (and the useful link - that's one to keep in
your back pocket).
-LW

 

Glad you got it working!

Jonathan