Reset an administrator password using ADSelfService Plus | ManageEngine

An Active Directory (AD) domain admin account should have the highest level of security as it acts as an all-access pass to an organization's confidential and important resources. But resetting admin passwords is no cake walk. We'll show you the process for accomplishing this below.

1. Boot from the Windows Server 2012 R2 DVD. You can use the ISO file for virtual machines.
2. When the Windows Setup screen displays, click Next.
3. Open the Command Prompt by pressing Shift + F10.
4. Enter the following at the command prompt:
   move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak
5. Substitute utilman.exe with cmd.exe by entering the following at the command prompt:
   copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe
6. You can now remove the boot media and reboot Windows PE.
7. Once the server is running again, go to Utility Manager.
8. Enter the following in the command prompt that opens:
   net user administrator *
9. Now you can reset your admin password. Once done, close the command prompt and login with the new password.

Reset admin password with ADSelfService Plus

ManageEngine ADSelfService Plus is an integrated self-service password management and single sign-on solution that can simplify your admin password resets. With ADSelfService Plus, you do not have to go through the ordeal of finding the booting media, or struggling with the command prompt. You can have a smooth and secure password reset experience with our simple and efficient user interface, and advanced multi-factor authentication.

Let's see how ADSelfService Plus simplifies AD admin password resets:

Prerequisites

1. Download and install ADSelfService Plus if you have not already.
2. Complete the basic configurations.
3. Ensure that the AD admin account is enrolled in ADSelfService Plus.

Steps to reset an AD admin password

With ADSelfService Plus, AD passwords can be reset from the login screen of the ADSelfService Plus portal, mobile app, and mobile website.

1. Click the Reset Password/Unlock Account button.

   

2. In the ADSelfService Plus pop-up, select Reset Password.

   

3. Enter your username and click Continue.

   

4. Next, you need to complete the multi-factor identity verification process. You can customize this process by enforcing the desired identity verification factors to suit your organization's needs.

   Authentication factor 1: Face ID
   

   Authentication factor 2: Google Authenticator

   Authentication factor 3: Security questions

5. Now you can reset your password.

   

6. If the password meets all the password complexity requirements, it will be successfully reset.

Why use ADSelfService Plus to reset your AD admin password

• Simplified password reset: You don't have to go through the trouble of finding the booting device and typing the right commands to reset the admin password.
• Password reset from anywhere: With ADSelfService Plus, you can reset your password from your machine's login screen, any web browser, mobile app, and mobile site.
• Multi-factor authentication: Secure admin password resets with over 15 advanced authentication methods, including biometrics, YubiKey, Google Authenticator, etc.
• Password reset notification: Stay alert with instant password reset notifications received through email, SMS messages, and push notifications.
• Password policies: You can create a separate password policy for privileged user accounts, including the admin account, that can contain the password reset process within restricted environment and that requires additional identity verification factors.