Monday, February 17, 2014

Resetting Windows Passwords

Recently I received the below request for help through the Contact Me section of my blog.

"Hi vTechie, I have a situation with a VM in my vSphere environment. We lost admin access to the VM (XP) and are unable to get back in. The machine has lost domain connectivity and we are unable to login as a user with cached credentials. We do not know when computer lost domain connectivity. Please help!"

This is a strong case for why you want to use linked clones in VMware View and Persona Management. VMware View and Persona Management together make virtual machines disposable and all of the user data is stored on a server instead of on the VMs. In this case when a VM has an issue you can set VMs to automatically refresh (reimaged) or you can do it manually. This prevents the need to fix broken VMs and generally makes life easier for both admins and users alike.

To answer the original question you must reset the user password you are trying to login as or login as a domain admin to regain access to the VM. If the domain trust relationship on the VM has been broken you must login as the local Administrator account to rejoin the computer to the domain. Again, this is not required if it is a linked clone. In that situation you would refresh or recompose that particular VM. If you do not know the local Administrator password you must reset it.

There is a boot disk you can download called Hiren's BootCD. Simply download the ISO and boot into the password recovery environment to reset the local Administrator password. You will also likely need to boot the VM into BIOS to move the CD Rom up in the boot order. In order to "Force BIOS Setup" right click the VM and select edit. Then click the Option tab at the top as shown below, and check the box for "Force BIOS Setup".

Once in the password recovery environment follow the instructions on the Hiren's BootCD website to unlock the local Administrator account. Once you've successfully logged in as the local Administrator you can rejoin the computer to the domain or recover user data.

If you have a question or would like to make a request for something you would like to see on my blog feel free to reach out to me.