Javascript required
Skip to content Skip to sidebar Skip to footer
Home / How to Remove Administrator Password in Windows 10 Without Login

How to Remove Administrator Password in Windows 10 Without Login

  1. Home
  2. Windows
  3. Windows 10

The computer was accidentally deleted from the domain, the laptop still believes it's in the domain but when I try to log in it gives this error message "The security database on the server does not have a computer account for this workstation trust relationship." I forgot the local admin password, I created a new computer in active directory. How can I reset the local domain password without logging into Windows 10, or reinstalling windows again?

Popular Topics in Windows 10
Which of the following retains the information it's storing when the system power is turned off?
  • ROM
  • CPU
  • RAM
  • GPU
88% of IT pros got this right.

34 Replies

joseespitia
joseespitia This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 14, 2019 at 18:46 UTC

It's been a while since I have done this but you should still be able to use Hiron's Boot CD to reset the local administrator account.

Bryan Doe

Or offline nt password, or any of them really should work. This is also why full disk encryption like Bitlocker and restrictions on boot devices are important, because anyone could do this to your laptops.

Edited Oct 15, 2019 at 11:13 UTC
dimforest
dimforest This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 14, 2019 at 18:48 UTC

You'll need to use Hiren's or some other method to clear that password.

Before you do that, remove the computer object from AD, clean up DNS, and THEN you should be able to safely add it back to the domain. Otherwise you may run into issues trying to add it back because it'll think you're creating a duplicate name.

Mike_Choices
Mike_Choices This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 14, 2019 at 18:53 UTC

Have you tried disabling the NIC(s) and logging on with a cached domain account/password?

jpcastill
jpcastill This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 14, 2019 at 19:22 UTC

Typically when its removed from the Domain on a domain user, it acts like the last account on the OS is the domain. Which is not accessible.

Only real way i have been able to gain access is the CMD utilman trick, and need to create a user with the same domain user. This is the best way i have done it, or check if the admin account is there but inactive.

Hirens BootCD typically works for me for a password, but not with after Domain Disconnect.

https://4sysops.com/archives/reset-a-windows-10-password/

just need to make sure what your drive name incase it is not C:

Jim Schuuz
Jim Schuuz This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 14, 2019 at 19:55 UTC

Just unplug the NIC.  The machine will use the cached machine token from AD, and then allow you to login with the last domain admin account/password you used on that computer.

From there you can create a new local admin, change the password on another account, etc.

spicehead-pnypk
spicehead-pnypk This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 14, 2019 at 20:49 UTC

Tried Hiron's Boot CD to change admin password, but it got stuck on booting the kernel.

Bryan Doe

As mentioned, try unplugging it, or try this one: http://pogostick.net/~pnh/ntpasswd

Justin1250
Justin1250 This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 02:16 UTC

Why not just restore the original computer object in AD? How long ago was it deleted?
AD recycle bin?
Authoritative restore from back up?
Tombstone reanimation?
All should work.

Manannan
Tim Ligtvoet
Tim Ligtvoet This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 09:40 UTC

Happens here too and therefor we started using LAPS

https://www.microsoft.com/en-us/download/details.aspx?id=46899

For now it's to late, but for the future... Even if it fell out of a domain I can access the latest local Admin pass from the DC.

Only thing to keep in mind is that if a PC has been out of domain for 90 days the pass probably wont work anymore, but thats all about how you configure it.

eyre.jr
eyre.jr This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 10:55 UTC

Could try temporarily replacing utilman with cmd by booting from installation media:

  1. Boot to install media, press shift +f10 to bring up command prompt.
  2. move c:\windows\system32\utilman.exe c:\windows\system32\utilman.exe.bak (replace c with your system drive letter)
  3. copy c:\windows\system32\cmd.exe c:\windows\system32\utilman.exe
  4. Reboot computer
  5. Once booted, click the Ease of Access icon on the lower right corner
  6. You should now have a command prompt - use "net user X Y" to reset the password (replace X with username, Y with the password you want)
  7. Don't forget to delete utilman.exe and rename utilman.exe.bak back to utilman.exe
spicehead-pnypk
spicehead-pnypk This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 13:04 UTC

Replacing utilman with cmd worked for me. Thank you

Wynot
Wynot This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 14:03 UTC

I checked this thread because we've tried Offline NT and the Utilman trick on Win 10 PCs and neither of them have worked.

spicehead-pnypk​ you can confirm that utilman worked for you on a Win 10 PC?  I wonder if it depends on the build.

ScottyC87

yup bash it open with Hirens !

amorrissey85
TripleDub1973
TripleDub1973 This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 14:53 UTC

Hiron's is old school but still BADASS!!

Dwayne9111
Dwayne9111 This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 18:29 UTC

If you are able to access the system with a domain account that is also a member of the local admin group, even while disconnected from the network asMike_Choices​ mentioned, if you enter the run command "control userpasswords2" you can change the password there for the local admin account.

John3367
John3367 This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 19:00 UTC

Mike_Choices wrote:

Pogostick should work too.

http://pogostick.net/~pnh/ntpasswd/

This is the way to do it.  This is a program that makes a bootable Linux CD or US Stick.  Once it is created which is very easy... (Format the USB stick) copy the files to the USB.  It will boot.  Plug into  your Laptop, boot the laptop  and the USB stick will turn on and you will be presented with some questions.  One will be list the users, choose this to see the usernames on the laptop (it reads it form the registry).  Remember on Windows 10 the administrator account is disabled by default.  There is an option to enable it.  Then it also will allow you to change its password or to OVERWRITE the password.  It is so simple to just pick a *BLANK* password and reboot.  Then the account is ready to be used.  Take out the USB stick and boot to windows with the username and *BLANK* password and then reset it.

The only trick is to pick the option to WRITE it back... or Save the settings you picked at the end.

Takes about 10 mins to do.

Stevejohns29
Stevejohns29 This person is a Verified Professional
This person is a verified professional.
Verify your account to enable IT peers to see that you are a professional.
Oct 15, 2019 at 20:09 UTC

Unplug the network cable and log in with a cached account. Then plug the cable back in and rejoin the domain.

Robert1501

eyre.jr wrote:

Could try temporarily replacing utilman with cmd by booting from installation media:

  1. Boot to install media, press shift  f10 to bring up command prompt.
  2. move c:\windows\system32\utilman.exe c:\windows\system32\utilman.exe.bak (replace c with your system drive letter)
  3. copy c:\windows\system32\cmd.exe c:\windows\system32\utilman.exe
  4. Reboot computer
  5. Once booted, click the Ease of Access icon on the lower right corner
  6. You should now have a command prompt - use "net user X Y" to reset the password (replace X with username, Y with the password you want)
  7. Don't forget to delete utilman.exe and rename utilman.exe.bak back to utilman.exe

I've used this ^ several times. Also add 6a:  "net localgroup administrators [X] /add" to make your new user a local admin.

Kyle3748

You can do the ol sticky key trick. Give it a google you will find it.

This topic has been locked by an administrator and is no longer open for commenting.

To continue this discussion, please ask a new question.

How to Remove Administrator Password in Windows 10 Without Login

Source: https://community.spiceworks.com/topic/2237203-how-to-reset-local-admin-password-without-login-into-windows10