This should work with Windows Vista, 7, 2003 and 2008, maybe more. I personally tested it with 2008 R2 Standard only.

To reset a Windows Admin password, you need the following things:

  • Physical access to the Server
  • A Windows installation boot media

If you have it all, continue with this:

  • insert boot media and reboot (from media)
  • jump through the menu so that you get a recovery console at the end
  • find the original installations C:\ drive and change to it (original C:\ drive can be D:\ or any other letter when booted from recovery/install media)
  • then:
cd Windows\System32\
copy sethc.exe C:\ <-- remember: C:\ could be D:\ now!!
copy /y cmd.exe sethc.exe
exit
  • reboot your box
  • on login screen, press shift-key five times
  • a command window should show up
  • maybe you have to press Alt+Tab until the new window has the focus
  • type:
net user administrator <new password>  <-- while <new password> is  actually replaced by your new password :)
exit
  • login with your new password