Fellow MVP Dana Epp goes through the steps to change the domain admin’s password on a DC where that password is not known or lost in episode 105 of Crack the Cred.
It is very easy to do.
This is five minutes of any IT administrator’s life that is well spent. Period.
As Dana notes, the only way to protect that DC is by having the system partitions encrypted by BitLocker. Physical security for that DC is a close second.
We explain this situation to all of our clients and potential clients as a part of our IT Solutions Vision. Securing their systems is always a part of the conversation especially since many folks have those servers running in closets that are shared with anything from copiers to stationary!
Awesome job Dana!
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book
*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.
Windows Live Writer