Reset Active Directory Restore Mode password

Maybe the most forgotten password is the one for Directory Services Restore Mode (DSRM) because it’s created only when a DC is built, and used only during critical DC recovery operations, which hopefully does not happen very often. Not knowing this password can prevent a successful recovery.

If you don’t know your DSRM password and haven’t stored them in a safe place, use the following commands for each Domain Controller to reset it to a known value:

ntdsutil
set dsrm password
reset password on server {servername}

Once you do this, write down that password and lock/encrypt it away.

2 Comments

  1. Saim Saiyed says:

    Thanks You saved my life

  2. Aijaz Ahmad Regoo says:

    Salaam
    Thanks man u really did a Good Job.
    Allah Bless U.

Leave a Reply