Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
How to Change the Recovery Console Administrator Password on a Domain Controller
Article ID: 239803 - View products that this article applies to.
This article was previously published under Q239803
NoticeThis article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(http://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
When you promote a Windows 2000 Server-based computer to a domain controller, you are prompted to type a Directory Service Restore Mode Administrator password. This password is also used by Recovery Console, and is separate from the Administrator password that is stored in Active Directory after a completed promotion.
The Administrator password that you use when you start Recovery Console or when you press F8 to start Directory Service Restore Mode is stored in the registry-based Security Accounts Manager (SAM) on the local computer. The SAM is located in the %SystemRoot%\System32\Config folder. The SAM-based account and password are computer specific and they are not replicated to other domain controllers in the domain.
For ease of administration of domain controllers or for additional security measures, you can change the Administrator password for the local SAM. To change the local Administrator password that you use when you start Recovery Console or when you start Directory Service Restore Mode, use one of the following methods.
Method 1If Windows 2000 Service Pack 2 or later is installed on your computer, you can use the Setpwd.exe utility to change the SAM-based Administrator password. To do this:
(http://support.microsoft.com/kb/271641/EN-US/ )The Configure Your Server Wizard Sets Blank Recovery Password
For additional information about how to secure the local SAM, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/223301/EN-US/ )Protection of the Administrator Account in the Offline SAM