While working on a Windows Server, if something went wrong with Active Directory (AD) database, you will need to troubleshoot it. In this case, Directory Services Restore Mode (DSRM) is the way to resolve the issue. Basically, DSRM is there to repair or recover AD, when you’re having trouble with it. While you promote the server to a Domain Controller, you should be asked to create a DSRM password. That window is shown in below screenshot. In this article, we’ll see how to reset Directory Services Restore Mode account password in Windows Server.
In the above screenshot, you can see the window asking you to set a DSRM password. To set this password, you need to be member of member of the Domain Administrators group. If you ever lost this password and AD database is corrupted, you might not able to resolve the issue. Because to enter into Directory Services Restore Mode, you’ll be required to use this password. So let us see how you can reset DSRM password without restarting the server in DSRM.
Reset Directory Services Restore Mode password in Windows Server
1. Right click Start Button or press + X keys and select Run.
2. In Run, type ntdsutil
and press Enter key or click OK.
3. This should open Command Prompt in NT Directory Service Utility mode. Type set dsrm password
now and press Enter key.
4. Next, if you’re resetting DSRM password for current server, type reset password on server null
and hit Enter. In case, if you’re resetting DSRM password for another server, execute reset password on server <servername>
command. Make sure you replace <servername> with another server DNS name.
5. After step 4, you’ll be asked to enter new DSRM password and then to confirm it. If this worked, you’ll see ‘Password has been set successfully’ message.
6. Now as the DSRM password is reset, you can execute q
command to quite DSRM Command Prompt. Again executing q
command will allow you to exit Command Prompt.
You can now use the new DSRM password to repair or recover AD database.
That’s it!
Leave a Reply