You are screwed. There is no hope. In the future, don't use the administrator account. Create a user account immediately once you get in. This is exactly the reason for doing this. You should never, ever, under any circumstance use the admin account as a regular login. Create a new account with Admin privileges. That's how you handle this. You won't find anyone that can hack an admin account; NT is secure, for that reason. What you can do is reinstall NT. I know that's not helpful, but that's your only option.

I had this info sitting around just in case I ran into the same problem on a site. I have not tried it, but there may be hope...
There is a way to recover the Administrator account, but it's tricky (we've dedicated the next four tips to it, in fact) and requires physical access to the server. First, you must have the following:

-- A regular user account that can log on locally to your NT machine. (If you already have an alternate installation of NT on the system to be recovered, skip ahead to the command prompt instruction in Part II.)
-- The NT CD and setup disks. Use the winnt /ox command to create the setup disks from the CD.
-- Enough room to install a temporary copy of NT (Workstation will suffice, even on a Primary Domain Controller).
-- The latest Service Pack ( http://support.microsoft.com/support/downloads/PNP281.asp ).

First, boot up from the setup floppies you created and install a copy of NT in the \TEMPNT directory on any drive. Add the latest Service Pack.

Make sure the Scheduler service is running and boot the alternate installation. At a command prompt, type AT HH:MM /INTERACTIVE CMD /K where HH:MM is 10 minutes from the current time, in 24-hour format. This opens a user-interactive command prompt that will allow you to log on. Setting it for 10 minutes should give you enough time to do the recovery operation.

Edit the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Schedule key in the Registry. Double-click on Schedule and select the subkey under Schedule. Double-click on the Schedule value name in the right-hand pane and copy the REG_BINARY string to the Clipboard.

Select HKEY_LOCAL_MACHINE and Load Hive from the Registry menu. When prompted for a hive file, go to your original installation's SYSTEM32\CONFIG folder and select the System hive. When you're prompted for a Key Name to mount the hive under, type ORIGSYS. When ORIGSYS appears under HKEY_LOCAL_MACHINE, open the Select key. Write down the value for the Current entry (usually 0). Browse to ORIGSYS\ControlSet00n\Services\Schedule and make sure the value for Start is 0x2.

Add a new subkey named 001 under Schedule and add to it the type REG_SZ with the value CMD /K; add the type REG_BINARY with the Current value you recorded from the previous step. Select ORIGSYS and Unload Hive from the Registry menu.

Under Control Panel/System/Startup/Shutdown, select the Startup option that boots your original NT installation. The order in which the items are listed in the drop-down menu is the same as it appeared in BOOT.INI, so the original boot will probably be the first entry. Shut down and restart, booting your original installation.

Finally, log on as your user account and wait for the scheduled event (as detailed in Part II) to take place. When the command prompt opens, it will be under the context of the Schedule user (the user who set the schedule), as either the System account or an administrative account. If this machine is not a Primary Domain Controller, type MUSRMGR.exe. If it is, type USRMGR.exe. (If you get an error, click Yes and type your domain name.) Set the Administrator password and log off. Log back on as Administrator. You can delete your temporary NT installation.

Wow, that is complicated. Hopefully you have been backing everything up... I guess you will now. If all else fails you can always reinstall NT to the same directory and recreate all of your user accounts! Like Rich said, disable the administrator's account and use it as a template. I always like to keep a "back door" account. Keep the password on file in a sealed envelope just in case something happens to you or you get locked out by someone else.

I have a program that lets you run password files against the encrypted NT admin password. It works really well. It is a hack that was developed for NT.

http://www.sysinternals.com/
and look for NTLocksmith... Does exactly what they say it does...
Sysinternals has all sorts of 'useful' items...
There is another util elsewhere, but for the life of me I can't recall where just now..

George,
I think some of these guys are trying to scare you to death. Let me show you how to get past this OH SO SECURE NT.
1) Boot from #1 NT Setup Disk.
2) Insert Disk #2 when prompted.
3) When asked if you want to INSTALL, REPAIR or REPLACE the OS choose (REPAIR).
4) When prompted to select the sections of NT to check for repairs choose ( SECURITY )
5) When prompted to select which sections of NT to replace select ( SECURITY )
6) You will need to insert the NT CD-Rom and Setup Disk #3
7) When prompted, reboot and rebuild the user accounts, unless you have an ERD floppy.
Now how secure is that?
Good Luck!


This post is quite old and has been locked from receiving new replies. Please create a new posting instead.